Keeping health data secure in a Trustworthy Research Environment

shutterstock 103173644

Health researchers often use personal data in their research. This data is extremely sensitive; it can include confidential information such as patients’ medical history. If the wrong person accessed this information, it would be a severe breach of confidentiality. As a result, we must ensure that all human health data used in research is stored and handled securely.

The Health eResearch Centre (HeRC), based in the School of Health Sciences, keeps its data safe using the Trustworthy Research Environment (also known as the HeRC TRE), a data analytics resource certified to ISO27001 and hosted on campus. The TRE is used in a large number of the Health eResearch Centre and Connected Health Cities’ (CHC’s) research projects, such as CHC’s exploration of wound care data, a project that uses existing wound care records to improve wound assessment and treatment. The TRE is also used in various projects that are external to HeRC and CHC, and is available to host research on behalf of any organisation.

The TRE uses a number of strict security controls to prevent unauthorised access and misuse of data. For example, data protected by the TRE is encrypted in transit and at rest, and can only be accessed via virtualised workstations which are isolated from the internet, minimising the risk of data interception. Connections to these virtual workstations is secured via a VPN service and 2-Factor authentication. Each virtual workstation belongs solely to a single project, which further reduces the risk of interception: only the researchers working on that project can access the corresponding data.

The TRE is the only data analytics resource at The University of Manchester that offers a connection to the NHS’s Health and Social Care Network (HSCN, formerly known as N3), a secure, private network that allows researchers quick and efficient access to NHS data, and which allows The University of Manchester to share data and web-based services with staff at the NHS. Some of the TRE’s data storage, virtual workstations and application servers are hosted on the HSCN, which makes it possible to conduct data processing and analytics without the need to remove the data from the HSCN.

By incorporating some of the TRE infrastructure within the HSCN, researchers can access higher quality, more detailed data. For example, Patient Identifiable Data can be shared using the HSCN, allowing researchers a wider scope of data. Moreover, the TRE board oversees all applications to check that each project has necessary permissions to access this data, referring to the ‘Five safes’: in order to be granted access to data, the project, people involved, data, facility settings and project outputs must all be deemed safe, ethical and responsible.

The TRE’s connection to the HSCN plays an important role in CHC’s study of wound care data, a project carried out in collaboration with Alliance Manchester Business School. To carry out the project, researchers must first collect and analyse existing wound care information to identify how it can be improved. Thanks to the HSCN connection, the Pennine Care NHS Foundation Trust have been able to send wound care data directly from their electronic records to a CHC virtualised workstation where it can be analysed.

Prof. Jo Dumville, Principal Investigator of the wound care exploration, said ‘We are pleased to be working with the Pennine Care NHS Trust on this project. Insights from our exploration of community electronic records can inform healthcare professionals and help optimise patient care.’

When the analysed wound care data is sent back to the Pennine Care Trust, it will be thoroughly checked, like all data exports from the TRE. These checks are carried out by the TRE operations team, who are independent of the analytical projects stored on the system. This service is called ‘output checking’, which means ensuring that only the required information leaves the TRE. For example, if somebody wanted to download a table of results, the TRE operations team would ensure that only that file was available for download and that it did not contain any results from which confidential information could be deduced. The other files and raw data remain secure.

The TRE is currently the only service at The University of Manchester that offers an output checking service, which provides an invaluable extra layer of data security ensuring the safety of published outputs. Additionally, the TRE support team offers training in disclosure control so researchers can carry out these checks themselves.

In addition to its numerous security measures, the TRE’s virtual workstations contain professional, integrated data analysis tools such as STATA and R. These tools, combined with the TRE’s strict security measures and direct NHS connection, mean that the TRE is one of the safest, most efficient data analysis resources for researchers working with sensitive data.

A secure research environment also benefits patients. During CHC’s 2016 Citizen’s Jury meetings, participants expressed concern that the use of patient data in research might lead to data breaches or misuse, by third parties or by individuals within research organisations. The strict limitations that the TRE places on who can view or access data means that patients can feel secure in the fact that their data is being used safely. A widespread use of these data security practices may even encourage more patients to allow their data to be used for research.

At The University of Manchester’s recent ‘Innovations in Responsible Research’ event, researchers working with health data were given the opportunity to find out more about the TRE and its ability to maximise data security. To enquire about hosting your project’s research on the TRE, contact

For more information about the TRE, click here or read the TRE FAQ page here.