Skip to content


SAFE People

0. SAFE People: Only trained, authorised individuals can access the data Role
1. Data Custodians must ensure individuals are appropriately trained in data governance and/or have the relevant skills and experience and supported to effectively use the data for the proposed purpose. TRE providers must be able to verify the researchers' status and experience in handling sensitive data DC
2. Individuals and organisations party to undertaking the project must disclose all affiliations RE
3. Individuals must disclose funding/sponsorship information, commercial interests and any conflicts of interests RE
4. Individuals must disclose their history of safe data use RE
5. All individuals have signed an agreement or legally binding undertaking which governs that access and use of the data RE
6. All organisations acting as data controllers have disclosed their data security and protection process and are able to manage data breach risks effectively SO
7. All individuals are authenticated and authorised to access the data TA

SAFE Project

0. SAFE Project: Only appropriate use of the data is allowed Role
1. Individuals must be able to demonstrate that use of the data is in the public interest and must be able to satisfy a public benefit assessment. RE
2. Individuals and organisation must supply all relevant information to support the assessment of the project proposal (who will access, declaration of interest, funder/sponsor information, ethics approvals, what purpose, engagements with the patients and public, how will the data be analysed, over what period of time and what will happened to the data at the end of the project) RE
3. Individuals must supply what governance and administrative arrangements are available to assess, monitor and oversee the project RE
4. Data Custodians must provide clear and transparent guidelines of the decision-making process to individuals and organisations, including how representatives of patients and members of the public are involved in the decision-making process DC
5. Individuals and organisation must be able to specify the analysis methodology including software, research code, workflows that need to be provisioned by the data custodian/TRE RE
6. Data custodian/TRE provider must provide services to allow the provisioning of research software and analysis code into their SAFE Setting environment DC, TA
7. Data Custodians must publish an open register of approved data use DC


0. SAFE DATA: Role
1. TRE providers should make discoverable relevant metadata (including data standards, vocabularies and data profiles) about the data assets available within their environment, including the source of the data and the lawful/ethical basis for collection and use. TA
2. TRE Providers must make their data available in an appropriate standard format using an appropriate data standard DE
3. Direct identifiers should be removed from all data accessed by researchers or replaced with uninformative pseudonyms to prevent accidental re-identification. DE
4. TRE providers, where possible should provide data linkage services and process described in lay terms to the public TA
5. Controls on access to data in the TRE should be proportionate to the approved use, with appropriate data minimisation applied. TA, SO
6. Data held within the TRE should be encrypted at rest and in transit. TA, SO
7. Ingress and linkage of project specific datasets should be available to researchers subject to the appropriate consents and permissions being in place. TA, DE

SAFE Setting

0. SAFE Settings: Data Access facility actively minimizes the risk of unauthorised use or disclosure Role
1. TRE providers must implement services to hold data and manage data securely at rest with auditable access logs TA
2. TRE providers must implement services to transfer data where required between established trust networks to facilitate consolidated analysis, subject to a DPIA assessment TA, DE
3. TRE providers must provide services that enable secure and/or remote analysis of the data TA, SI
4. TRE providers must provide a research environment with a set of approved tools/software that allow data to be analysed securely TA
5. TRE providers must collect logs of access and activity, and publish their robust system for automated and/or manual review to capture inappropriate use. TA, SO
6. TRE providers must implement harmonised processes and systems conformant to or in recognition of secure data processing standards e.g. ISO 27001, ONS / UKSA Accredited Processor, IGToolkit/DSPT SO
7. For transparency security design and implementation should be independently audited with reports reviewed by patient/public oversight groups and made public SO

SAFE Outputs

0. SAFE Outputs: Only non-disclosive output data is subject to release from a TRE Role
1. Individuals are be able to apply for an extract of their derived data and/or developed code from a TRE RE, DE
2. Trusted Research Environment providers must implement processes and systems to assess and decide on the data release application, including providing an appeals process DE
3. Trusted Research Environment providers should provide open, clear documentation of their output checking process DE, TA
4. Trusted Research Environments must provide, where possible automated solutions to output checking and release of data via an established airlock process DE, TA
5. Trusted research Environments should explore opportunities to harmonise and collaborate with other TRE Airlock managers to coordinate the output checking process and coordinate output release TA
6. Trusted Research Environments should have the facility to provide ‘safe archive’ TA