NHS Secure Data Environment

Governance in the Cloud series - #3, 2024

Folks, last time, I said I'd dig into why NHS Secure Data Environments (SDE) are a great model for organisations seeking to deploy their own SDE - let's start!

Actually, remind me what NHS SDEs are again?

The NHS SDEs make it safe to access and analyse Health and Social Care data. They are a platform that gives approved researchers access to pseudonymised patient level data.

What do you mean by NHS SDE ?

To be clear, in the links I've included so far, I've been referring to the NHS England SDE - I want to point out that it is just one of a group of 12 SDEs that form part of the NHS Research Secure Data Environment (SDE) Network.

The others are West Midlands, London, Kent Medway & Sussex, North West, Yorkshire & Humber, North East & North Cumbria, Thames Valley and Surrey, East Midlands, Wessex, East of England, and South West.

How do I access an NHS SDE ?

You log in via a Virtual Desktop Infrastructure (VDI), and you conduct your approved research using industry-leading tools like GitLab, R Studio, Stata, and DataBricks, which can be configured to your needs and budget.

"...Simply choose your data, run your analysis, collaborate with peers, power up with machine learning and securely output your findings, all within your secure data environment." NHS England SDE Video.

OK, so what's so great about this approach?

Well, what I've described so far is good - and can broadly already be achieved with other platforms and SDE accelerators.

BUT what these alternatives lack, and what makes the NHS SDEs great, is the end-to-end, wrap-around, governance.

Of course we know that a People-Process-Technology paradigm for NHS governance is not necessarily suitable for everyone, but it is a great baseline from which to adopt the approach that's right for you.

Here are the key features of the NHS SDE access protocols:

1. You must of course first be registered to have access to an NHS SDE - for the NHS England SDE you need to complete an expression of interest form.
2. Before you conduct any research you must get approval to do so, explaining the purpose for the research, the data required, who will be undertaking it, and the governance that the research team will undertake to safeguard sensitive data. This is done through the Data Access Request Service (DARS).
3. The DARS details the data available to an SDE, through such products and services as their Data Set Catalogue, and Metadata Dashboard. Also see more examples.
4. Following approval of a Data Sharing Agreement for the required data, and an SDE Service Agreement is in place, you can access the SDE, with the tools configured for your research needs.
5. When the results of the research, at any stage, need to be made available, the SDE provides a Safe Output Service to securely export your analysis results (and code) out of the SDE.

It doesn't take much scrutiny of these steps to see the due diligence embedded in the overarching approach, and that it follows the good practice of the Five Safes Framework.

Across each of these stages, detailed information about the research teams, research purpose, the data requested, data use agreements, costs etc., are all collected to help to provide a holistic view of NHS Health and Social Care Data research, which is robust, effective and transparent to third-party audits.

For example, the Data Release Register is a monthly updated list of all Data Sharing Agreements, with detailed information including the purpose for which the data was provided, information on the data sets approved, if the application is for a commercial purpose, whether patient opt-outs were applied to the data set before release, and so on.

So if I want my own SDE, to enable safe research of sensitive data in my own organisation, what's the take away?

To my mind that means two key considerations:

1. Setup the SDE infrastructure, using an SDE accelerator like the Azure TRE, or whatever technological approach works for your organisation.
2. Determine the governance for the usage of your SDE.

For this latter, the NHS SDE approach outlines some crucial steps. Ultimately how you implement these features will require a People-Process-Technology lens that's appropriate for your organisation. With this in mind, here are some things to think about:

Consider how to record information about research purpose, and data requirements.

• Can you use enterprise tools like the low code Power Apps Platform to collect the information, and DataVerse or SharePoint to store the information centrally?

How can research/analytical teams discover what data is available, and then request access?

• Can you use the Data Catalogues and Data Sharing features within Microsoft Purview, or DataBricks Unity Catalog, to browse the metadata of data assets and data products in your organisation, and then request secure sharing to your SDE?

Organisational team structures to support SDE usage

• How will your SDEs interface with existing teams, especially for Data Protection and Data Governance - are new roles and responsibilities required?

Monitor usage and costs

• Ensure you integrate the operational logging of your SDE(s) into your enterprise logging and monitoring tools and platforms, to ensure you are tracking the performance, reliability, security, and costs arising from SDE usage.

Coming up next time

An overview of the "re-imagined Data Governance solution" from Microsoft Purview.

See you next time folks!