Data Security introduction

DataLoch has been entrusted by NHS Lothian with routine data collected as part of people’s day-to-day interactions with health and social care services. Consequently, protecting the identities of all those in the data is DataLoch’s most important priority. 

Understandably, any use of health and care data can raise concerns around issues of privacy and who has access. DataLoch processes data according to the NHS Lothian Privacy Notice.

A Data Protection Impact Assessment has been created for the existing infrastructure and will be modified as required as we develop this infrastructure further. DataLoch, in partnership with NHS Lothian, will carry out additional privacy assessments as appropriate. 

At DataLoch, we take our responsibility for keeping data safe very seriously. As part of our approach, we have incorporated the Five Safes framework developed by the Office for National Statistics (ONS) and used by research data centres worldwide.


1.    Safe People

A researcher or clinician from the South-East Scotland region wishing to access any of the datasets must follow an approved application process and complete relevant training, as described within the Charter for Safe Haven in Scotland definition of an approved researcher. This requires applicants to meet a number of key criteria to ensure their purpose and interest are both legitimate and appropriate.

2.    Safe Projects

Each project goes through careful scrutiny by NHS employees trained in data privacy to ensure the request is appropriate, proportionate and in the public interest. Then, depending on the specific purpose and data of the project, approvals may be required from an independent ethics panel, a national Research Ethics Committee, and the Caldicott Guardian. Every project is reviewed by our Public Reference Group to assess societal value, and this review serves as feedback for the previously mentioned NHS employees in their initial assessment stage.

The legal provisions around processing health data are detailed within the NHS Lothian Privacy Notice.

3.    Safe Data

No identifiable data is shared outside of the NHS. 

Data accessed by researchers is de-identified, meaning that aspects that can directly identify an individual (like names, addresses, and date of birth) are removed. Before giving access to researchers, we also check the data so that someone’s identity is unlikely to be inferred, for example from a rare condition or unique combination of information. We take steps to avoid this kind of inferred identification, for example aggregating information into ranges (e.g. between ages 25-50) or withholding data. This process is called pseudonymisation. While the process varies with every project, it is designed to minimise the risk of anyone being able to identify individuals represented in the data.
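
The steps described above (removing direct identifiers, aggregating ages into ranges, and withholding rows whose combination of attributes is rare) can be sketched as follows. This is an added example, not DataLoch's own code: the field names, age bands and minimum group size are assumptions chosen for illustration, and the records are constructed.

```python
from collections import Counter

# Direct identifiers the page lists as removed before researchers get access.
DIRECT_IDENTIFIERS = {"name", "address", "date_of_birth"}
# Assumed age bands; the page gives 25-50 as one example range.
AGE_BANDS = [(0, 24), (25, 50), (51, 120)]
# Assumed minimum group size for illustration, not a DataLoch figure.
MIN_GROUP_SIZE = 3


def age_band(age):
    """Generalise an exact age into a range."""
    for low, high in AGE_BANDS:
        if low <= age <= high:
            return f"{low}-{high}"
    raise ValueError(f"age outside known bands: {age}")


def deidentify(record):
    """Drop direct identifiers and replace the exact age with its band."""
    out = {k: v for k, v in record.items() if k not in DIRECT_IDENTIFIERS}
    out["age_band"] = age_band(out.pop("age"))
    return out


def prepare_extract(records, quasi_identifiers=("age_band", "condition")):
    """Return (released, withheld); rows in small groups are withheld."""
    cleaned = [deidentify(r) for r in records]
    counts = Counter(tuple(r[q] for q in quasi_identifiers) for r in cleaned)
    released, withheld = [], []
    for row in cleaned:
        key = tuple(row[q] for q in quasi_identifiers)
        (released if counts[key] >= MIN_GROUP_SIZE else withheld).append(row)
    return released, withheld


# Constructed sample records (hypothetical field names and values).
SAMPLE = [
    {"name": "P1", "address": "A", "date_of_birth": "1990-02-01", "age": 34, "condition": "asthma"},
    {"name": "P2", "address": "B", "date_of_birth": "1983-06-12", "age": 41, "condition": "asthma"},
    {"name": "P3", "address": "C", "date_of_birth": "1975-11-30", "age": 49, "condition": "asthma"},
    {"name": "P4", "address": "D", "date_of_birth": "1979-03-08", "age": 45, "condition": "rare-condition"},
]

if __name__ == "__main__":
    released, withheld = prepare_extract(SAMPLE)
    print(len(released), "released;", len(withheld), "withheld")
```

The single row with the rare condition is withheld because its combination of age band and condition appears only once, which is the kind of inferred identification the paragraph describes.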

Project data extracts are archived and deleted according to legislative record management policies.

4.    Safe Settings

All data held by DataLoch are housed within a secure NHS Lothian IT infrastructure. Once projects and users are approved, the necessary data are either supplied to specified staff within NHS Lothian or accessed through the secure Scottish National Safe Haven facility, which is managed by the eDRIS team within Public Health Scotland and hosted by the EPCC at the University of Edinburgh. Researchers can only access approved data directly related to their project, using two-factor authentication, and these data cannot leave the secure environment (i.e. they cannot be downloaded to a particular computer or other device).

5.    Safe Outputs

Once a researcher has completed their analysis and produced summary data that they wish to remove from the secure Scottish National Safe Haven environment, they can only do so following scrutiny by a DataLoch analyst. The analyst double-checks the proposed outputs to ensure that any risk of disclosure has been mitigated. Once the outputs have been scrutinised and the analyst is satisfied, the results can be released to the researcher.

DataLoch acts as a data processor and has robust legal agreements with contributing data providers, such as NHS Lothian. These agreements describe how the data can be treated. All approved projects led by researchers also have agreements with DataLoch that describe their responsibilities in keeping data safe.


What kind of work will DataLoch support?

Currently, DataLoch is accepting applications from academics and health and social care professionals within the South-East Scotland region. We are also working with NHS Lothian and innovation partners to design the required governance framework for working with private and third-sector organisations. From summer 2022, we expect to extend our service to support approved researchers from these organisations.

The application process includes an assessment of whether the project will benefit patients and is in the public interest. For example, partnerships between the NHS and private or third-sector organisations can result in new healthcare technologies and treatments and medical devices that support better outcomes for patients.

When DataLoch is working with innovators from the private sector, we will charge for the support and infrastructure costs related to the project (such as time for data preparation and use of computing resources). This varies based on the complexity of the project and the type of funding. Through our charges, we seek to cover our operating costs: DataLoch is a non-profit enterprise. All successful applications, including the names of private-sector applicants, are published on our website when researchers have access to the approved data.
