| 1. |
TRE providers should make discoverable relevant metadata (including data standards, vocabularies and data profiles) about the data assets available within their environment, including the source of the data and the lawful/ethical basis for collection and use. |
TA |
| 2. |
TRE Providers must make their data available in an appropriate standard format using an appropriate data standard |
DE |
| 3. |
Direct identifiers should be removed from all data accessed by researchers or replaced with uninformative pseudonyms to prevent accidental re-identification. |
DE |
| 4. |
TRE providers, where possible should provide data linkage services and process described in lay terms to the public |
TA |
| 5. |
Controls on access to data in the TRE should be proportionate to the approved use, with appropriate data minimisation applied. |
TA, SO |
| 6. |
Data held within the TRE should be encrypted at rest and in transit. |
TA, SO |
| 7. |
Ingress and linkage of project specific datasets should be available to researchers subject to the appropriate consents and permissions being in place. |
TA, DE |