SAFE Data¶
The SAFE Data principle evaluates what treatment must be applied to the data before making it available for use by individuals requesting access to the data. This is to help manage the risks that cannot be addressed by the other SAFE principles – People, Project and Settings
Principles¶
| 0. | SAFE DATA: | Role |
|---|---|---|
| 1. | TRE providers should make discoverable relevant metadata (including data standards, vocabularies and data profiles) about the data assets available within their environment, including the source of the data and the lawful/ethical basis for collection and use. | TA |
| 2. | TRE Providers must make their data available in an appropriate standard format using an appropriate data standard | DE |
| 3. | Direct identifiers should be removed from all data accessed by researchers or replaced with uninformative pseudonyms to prevent accidental re-identification. | DE |
| 4. | TRE providers, where possible should provide data linkage services and process described in lay terms to the public | TA |
| 5. | Controls on access to data in the TRE should be proportionate to the approved use, with appropriate data minimisation applied. | TA, SO |
| 6. | Data held within the TRE should be encrypted at rest and in transit. | TA, SO |
| 7. | Ingress and linkage of project specific datasets should be available to researchers subject to the appropriate consents and permissions being in place. | TA, DE |
Requirements¶
| ID | Description | Requirement Type | Role |
|---|---|---|---|
| DATA-01 | Data Custodians must provide descriptive, semantic and technical metadata about their datasets publicly available in human and machine readable form | Functional | DC |
| DATA-02 | Data Custodians must provision data using a standardised format supporting well-known data standards, e.g. See HDR UK Data Standards Green Paper | Functional | DC |
| DATA-03 | Data custodians must provide a lay summary of how they manage direct identifiers within their source data assets prior to onboarding into the TRE. | Non-Functional | DC |
| DATA-04 | TRE Providers should provide data linkage services to allow users to request linkage of datasets with data held internally or externally to the TRE provider | Non-Functional | TA, DC |
| DATA-05 | TRE providers should implement appropriate data minimisation proportionate to sensitivity and the approved use of the data | Non-Functional | TA |
| DATA-06 | TRE providers must encrypt their data at rest and in transit with client-held keys with an auditable access log | Non-Functional | TA |
| DATA-07 | TRE providers should be able to provision minimised data into project specific workspaces that maintain the integrity of the provisioned data and ensure multi-tenant security and privacy | Functional | DE |
| DATA-08 | TRE provider should provide mechanisms and process for researchers to request ingress of external (additional) data to be used by researchers as part of their research | Functional | DE |
Interoperable Standards & Specifications¶
This section is a work in progress
Please suggest edits and modifications to this section by clicking on the edit link
Modular Software & Services¶
This section is a work in progress
Please suggest edits and modifications to this section by clicking on the edit link
Extensible Use Cases¶
This section is a work in progress
Please suggest edits and modifications to this section by clicking on the edit link