Data Security introduction

DataLoch brings together routine data collected as part of people's day-to-day interactions with health and social care services. NHS Lothian is the lead Data Controller of all data hosted by DataLoch. Protecting the individual identities of all those in the data is the DataLoch team's most important priority. 

Understandably, any use of health and care data can raise concerns around issues of privacy and who has access. DataLoch processes data according to the NHS Lothian Privacy Notice.

The DataLoch team has a Data Protection Impact Assessment in place to help identify and minimise any data protection risks. This will be continually monitored and modified as the DataLoch service continues to develop, in consultation with other parties that may contribute data to DataLoch.

In the DataLoch team, we take our responsibility for keeping data safe very seriously and, as part of our approach, we have incorporated the Five Safes framework developed by the Office for National Statistics (ONS) and used by research data centres worldwide.


1.    Safe People

A researcher or clinician from the South-East Scotland region wishing to access any of the datasets must follow an approved application process and complete relevant training, as described within the Charter for Safe Havens in Scotland definition of an approved researcher. This requires applicants to meet a number of key criteria to ensure their purpose and interest are both legitimate and appropriate.

2.    Safe Projects

Each project goes through careful scrutiny by NHS employees trained in data privacy, to ensure the request is appropriate, proportionate and in the public interest. Then, depending on the specific purpose and data of the project, approvals may be required from: an independent ethics panel; a national Research Ethics Committee; or a Caldicott Guardian. Every project is reviewed by our Public Reference Group to assess societal value and to provide feedback to the previously mentioned NHS employees in their initial assessment stage.

The legal provisions around processing health data are detailed within the NHS Lothian Privacy Notice.

More about our Public Reference Group

 

3.    Safe Data

We do not share identifiable data outside of the NHS. 

Data accessed by researchers are de-identified, meaning that aspects that can directly identify an individual (like names, addresses, and date of birth) are removed. Before giving access to researchers, we also check the data so that someone’s identity is unlikely to be inferred, for example from a rare condition or unique combination of information. We take steps to avoid this kind of inferred identification, for example aggregating information into ranges (e.g. between ages 25-50) or withholding data. This process is called pseudonymisation. While the process varies with every project, it is designed to minimise the risk of anyone being able to identify individuals represented in the data.
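An added illustration of the checks described above (not DataLoch's own code or process): it drops direct identifiers, groups ages into ranges, and withholds any row whose remaining combination of attributes is shared by fewer than k people. The field names, age bands and the threshold k=3 are assumptions made for this example.

```python
from collections import Counter

# Assumptions for this example; none of these values come from DataLoch.
DIRECT_IDENTIFIERS = {"name", "address", "date_of_birth"}
QUASI_IDENTIFIERS = ("age_band", "postcode_area", "condition")
AGE_BANDS = [(0, 24), (25, 50), (51, 120)]
K = 3  # smallest group size that may be released


def age_band(age):
    """Map an exact age to a coarse range such as '25-50'."""
    for low, high in AGE_BANDS:
        if low <= age <= high:
            return f"{low}-{high}"
    raise ValueError(f"age out of range: {age}")


def deidentify(records, k=K):
    """Return (released_rows, withheld_count) for a list of record dicts."""
    generalised = []
    for rec in records:
        # Remove fields that directly identify a person.
        row = {f: v for f, v in rec.items() if f not in DIRECT_IDENTIFIERS}
        # Replace the exact age with a range.
        row["age_band"] = age_band(row.pop("age"))
        generalised.append(row)

    def key(row):
        return tuple(row[q] for q in QUASI_IDENTIFIERS)

    # Withhold rows whose attribute combination is rare (fewer than k people).
    group_sizes = Counter(key(r) for r in generalised)
    released = [r for r in generalised if group_sizes[key(r)] >= k]
    return released, len(generalised) - len(released)


def _person(i, age, condition):
    # Constructed sample record, not real patient data.
    return {"name": f"Person {i}", "address": f"{i} Example Street",
            "date_of_birth": "1990-01-01", "age": age,
            "postcode_area": "EH1", "condition": condition}


SAMPLE = [_person(1, 30, "asthma"), _person(2, 44, "asthma"),
          _person(3, 49, "asthma"), _person(4, 67, "asthma"),
          _person(5, 35, "rare condition X")]

if __name__ == "__main__":
    rows, withheld = deidentify(SAMPLE)
    print(f"released {len(rows)} rows, withheld {withheld}")
```

Persons 4 and 5 are withheld because each would be the only row in its group: one by age range, one by condition.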

Project data extracts are archived and deleted according to legislative record management policies.

4.    Safe Settings

All data hosted by DataLoch are housed within a secure NHS Lothian IT infrastructure. Once projects and users are approved, the necessary data are either supplied to specified staff within NHS Lothian or accessed through the secure Scottish National Safe Haven facility, which is managed by the eDRIS team within Public Health Scotland and hosted by the EPCC at the University of Edinburgh. Researchers can only access approved data directly related to their project using two-factor authentication, and these data cannot leave the secure environment (i.e. they cannot be downloaded to a particular computer or other device).

5.    Safe Outputs

Once a researcher has completed their analysis and produced summary data that they wish to remove from the secure Scottish National Safe Haven environment, they can only do so following scrutiny by a DataLoch analyst. The analyst double-checks the proposed outputs to ensure that any risk of disclosure has been mitigated. Once the analyst has scrutinised the outputs and is satisfied, the results can be released to the researcher.

NHS Lothian, as lead Data Controller, has robust legal agreements with the University of Edinburgh as a data processor and with contributing data providers. These agreements describe how the data can be treated. All approved projects led by researchers also have agreements with DataLoch that describe their responsibilities in keeping data safe.


What kind of work will DataLoch support?

Currently, DataLoch is accepting applications from academics and health and social care professionals within the South-East Scotland region. The team is also working with NHS Lothian and innovation partners to design the required governance framework for working with private- and third-sector organisations. From summer 2022, we expect to extend our service to support approved researchers from these organisations.

The application process includes an assessment of whether the project will benefit patients and is in the public interest. For example, partnerships between the NHS and private- or third-sector organisations can result in new healthcare technologies, treatments and medical devices that support better outcomes for patients.

For any project, there is a charge for the required support and infrastructure costs (such as time for data preparation and use of computing resources). This charge varies based on the complexity of the project and the type of funding and/or organisation. (For example, there is no charge for projects related to NHS service management.) Through our scale of charges, we seek to cover our operating costs: DataLoch is a non-profit service. All successful applications, including the names of private-sector applicants, are published on our website when researchers have access to the approved data.
