Data Security introduction
DataLoch brings together routine data collected as part of people's day-to-day interactions with health and social care services. NHS Lothian is the lead Data Controller of all data hosted by DataLoch. Protecting the individual identities of all those in the data is the DataLoch team's most important priority.
Understandably, any use of health and care data can raise concerns around issues of privacy and who has access. DataLoch processes data according to the NHS Lothian DataLoch Privacy Notice.
The DataLoch team has a Data Protection Impact Assessment in place to help identify and minimise any data protection risks. This is continually monitored and modified as the DataLoch service continues to develop, in consultation with other parties that may contribute data to DataLoch.
In the DataLoch team, we take our responsibility for keeping data safe very seriously and as part of our approach, we have incorporated the Five Safes framework developed by the Office for National Statistics (ONS) and used by research data centres worldwide.
Data security 2nd paragraph
1. Safe People
A researcher wishing to access extracts from the DataLoch repository must follow an approved application process and complete relevant training as described within the Charter for Safe Havens in Scotland definition of an approved researcher. This requires applicants to meet a number of key governance criteria to ensure their purposes are legitimate and in the public interest.
2. Safe Projects
Each project goes through careful scrutiny by NHS employees trained in data privacy, to ensure the request is appropriate and proportionate. Then, depending on the specific purpose and data of the project, approvals may be required from: an independent ethics panel; a national Research Ethics Committee; and/or a Caldicott Guardian. Our Public Reference Group provides Public Value Assessments to ensure each proposal has a clearly defined public benefit, as well as feedback on the overall project-approvals process to support further learning and development.
The legal provisions around processing health data are detailed within the NHS Lothian DataLoch Privacy Notice.
More about our Public Reference Group
3. Safe Data
We do not share identifiable data outside of the NHS.
Data accessed by researchers are de-identified, meaning that aspects that can directly identify an individual (like names, addresses, and date of birth) are removed. Before giving access to researchers, we also check the data so that someone’s identity is unlikely to be inferred, for example from a rare condition or unique combination of information. We take steps to avoid this kind of inferred identification, for example aggregating information into ranges (e.g. between ages 25-50) or withholding data. This process is called pseudonymisation. While the process varies with every project, it is designed to minimise the risk of anyone being able to identify individuals represented in the data.
Project data extracts are archived and deleted according to legislative record management policies.
4. Safe Settings
All data hosted by DataLoch are housed within a secure NHS Lothian IT infrastructure. Once projects and researchers are approved, the necessary data are supplied to researchers either within NHS Lothian to specified staff, or accessed through our secure data environment. Researchers can only access approved data directly related to their project using two-factor authentication, and this data cannot leave the secure environment (i.e. it cannot be downloaded to a particular computer or other device).
5. Safe Outputs
Once a researcher has completed their analysis and produced summary data that they wish to remove from our secure data environment, they can only do so following scrutiny by the DataLoch team. The analyst double-checks the proposed outputs to ensure that any risk of disclosure has been mitigated. Once scrutinised and satisfied, the results can then be released to the researcher.
NHS Lothian, as lead Data Controller has robust legal agreements with the University of Edinburgh as a data processor and with contributing data providers. These agreements describe how the data can be treated. All approved projects led by researchers also have agreements with DataLoch that describe their responsibilities in keeping data safe.
Data security 3rd paragraph
What kind of work will DataLoch support?
After two years of development, we fully launched the DataLoch service in July 2022.
As well as service-management requests from the NHS, DataLoch also considers applications from researchers who wish to securely access health and social care data from the South-East Scotland region. Researchers can be from private- and third-sector organisations, as well as from academic or clinical settings.
The application process includes an assessment of whether the project will benefit patients and is in the public interest. For example, partnerships between the NHS and private- or third-sector organisations can result in new healthcare technologies and treatments and medical devices that support better outcomes for patients.
For any project, there is a charge for the required support and infrastructure costs (such as time for data preparation and use of computing resources) to cover our operating costs: DataLoch is a non-profit service. This charge varies based on the complexity of the project and the type of funding and/or organisation. There is no charge for projects related to NHS service management. All successful applications are published on our website when researchers have access to the approved data.