grampian data safe haven - university of aberdeen · integral part of the uk-wide network _ david...
TRANSCRIPT
HEADLINES
• Link data from across sources and life course
– effects of exposures, healthcare and experiences that influence health and disease
– enable policy evaluation through natural experiments
• “Data custodians”
• Publications >100 peer reviewed publication in last 5 years
• Grants >£7M “live” grant income in last 5 years
ehealth Research
ehealth Research
Andrew Morris “To establish a vibrant, pre-eminent, interdisciplinary Scottish eHealth Informatics Research Centre, as an integral part of the UK-wide network”
David Cameron "simply a waste to have the NHS and not to use the medical data it generates. …this does not threaten privacy, it doesn't mean anyone can look at your health records, but it does mean using anonymous data to make new medical breakthroughs.”
MRC “The UK has an international reputation for undertaking leading edge large scale health data analysis and population based research…a secure and ethical environment, will provide unprecedented opportunities for clinical, health services, social and public health research.”
Research Infrastructure
Public & Professional Perception (CHIMES & SHIP)
• Identifiable data held by “trusted” custodian – the NHS
• Governance arrangements are robust and clear
• Anxiety about what is “best practice”
• Sanctions are available if researchers/institutions put privacy at risk of disclosure.
Research Infrastructure Changes
SHIP
• “A Blueprint for Health Records Research in Scotland” 2011
Scottish Government
• “A Scotland wide Data Linkage Framework for statistics and research” 2012
Legislation
• Changing environment under European Data Protection laws
Research Infrastructure Changes
AIM: Minimising the risk of disclosure & facilitate research
Principles
• Safe trafficking of data
• Safe Storage of data
• Safe Research
• Safe Researchers
Research Infrastructure Changes
• Safe Trafficking of data – Minimise movement out with the NHS environment – Best practice during transfers – Separate identifiers from data
• Safe Storage of data – Identifiable data stored within NHS environment – Data and identifiers stored separately – Best practice for storage of linked anonymised data – Minimising opportunity for “reconstruction” of data to identifiers – Safe archiving and sharing of linked data
• Safe Research – Appropriate approvals in place (complex) – Clear data management plans – Support to optimise use of data and data management
• Safe Researchers – Approved researcher status – Clear linked dataset custodianship – Separation from identifiable data
Research Infrastructure Responsibility
• Data custodians/steering groups
• Caldicott Guardians
• Ethics
• Funders
• Institutions
• PIs
• Data Management
Existing requirement
• Permissions pathway complex and inconsistent
Change already underway
• Ethics requires institution to “provide governance assurance”
• Safe Haven already requirement by ethics committees
• Data release being refused/restricted or delayed
• Data custodians requiring assurance over disclosure risk management
• Researcher anxiety over loss of data “control”
Research Infrastructure Changes
1. Remain the same
2. Invest in a flexible data management arrangement that allows proportionate data governance to meet the changing demands and that we can tailor to our needs
3. Contract into a Safe Haven at another institution
Research Infrastructure Options
1 2 3
Inefficient Time to develop Loss of control
Research stopped Time for DMP Each SH different
Investment Travel to dumb terminals
Increase for DMT No direct accountability
Separate researcher from identifiable data
• Safe and sustainable storage, transmission and linkage of data
• Clear proportionate governance arrangements
• Secure access for eligible researchers
Research Planning
Mechanisms
Research Disclosure Risk Management
Data Management
HEADLINES
Grampian Data Safe Haven
Researcher / Research
Team
Data Sharing and
Archiving
Early Research
idea
Early Project Planning
Project Permissions
Data Management
DaSH Disclosure Risk Management
Research Co-ordinator Support Research team Development of data management plan Provide best practice examples Support audit “Collective memory” Support documentation of linkage Documentation of datasets
Early Research idea
Early Project Planning
Project Permissions
Data Management
Data Sharing
• Knowledge of variables and issues
• Checking linkage robustness
• Addition of CHI or other identifiers
• Meta-data
• Liaise with data controllers
Details of Individual Datasets
Indexing Service
Linkage and
Extraction
Linkage Validation
DASH Disclosure Risk
Management
Early Research idea
Early Project Planning
Project Permissions
Data Management
Data Sharing
Details of Individual
Datasets
Indexing Service
Linkage and Extraction
Linkage Validation
Manage Linked Dataset Support access Storage/archive/sharing Disclosure risk assessment
Governance audit & monitoring
Changes
• DMT Infrastructure
• Research Coordinator support
– Data management plan
– Work closely with DMT
– Permissions/funding applications
– Liaison with data custodians
• Supported access
– “Approved status”
– Documentation of linkage
– Access via secure folders – minimised data transfer
Researcher PI responsibility
• Ensure meet disclosure risk management requirements of approvals
• Data are not moved out with approval requirements. Movement is minimised (includes annonymised data)
• Access via vpn initially – move to remote access system in time