Bookmarks

Scottish National Safe Haven

Description

The Scottish National Safe Haven is the responsibility of the electronic Data Research and Innovation Service (eDRIS) which is part of Public Health Scotland. Formally the Scottish NSH is operated by EPCC (part of the University of Edinburgh) under contract to eDRIS in governance terms. In practice, it is very much a collaboration between eDRIS, EPCC and National Records of Scotland (who provide de-identification services). Active users: 350 open researcher accounts | Active projects: 200 Pricing: Studies are priced as small, medium or large, and there is an annual fee for compute/disclosure. Pricing details. --- ### SAFE People - Login & Access All users must become an Approved Researcher. They must all demonstrate appropriate Information Governance training and come from an Approved Organisation. They must also read and sign the eDRIS User Agreement. ✓ Login: login to a virtual desktop environment via SSO and 2FA. ✗ Minimum requirement: users access the Scottish NSH from their desktop using a VPN connection via a whitelisted IP address. ✗ International access: if approval is given then this is possible but the same controls will apply as for other users. In practice, collaboration with an existing Approved Organisation is the simplest approach rather than from an organisation outside the UK. --- ### SAFE Settings - Compute & Services ✓ Private Cloud environment accessed over virtual desktop infrastructure (VDI): a “desktop in a browser”. ✓ A wide variety of VMs can be provided and these are sized according to the needs of each project. In general a single VM is provided with a small number of cores. ✓ Some servers which have two CPUs and 4 GPUs are also available - again these are provided as VMs to users. ✗ No managed data analytics provided. ✗ No federated queries. ✗ No federated analytics. --- ### SAFE Settings - Security Certifications and Measures ✓ Security certifications: governed by eDRIS and approved by NHS Scotland IT Security. ISO27001, ISO9001, Cyber Security Essentials and DEA Accredited Processor ✓ Security measures: regular IT Health checks, whitelisting of IP address, VDI, 2FA and NextGen Firewall. Projects are backed up and archived. System and user activity is logged. ✓ Secured operating system: users have no ability to modify OS. ✓ No VM direct access: access is via VDI only. ✓ VM access controls: no USB, no copy/paste, no Internet access, internal mirrors for software packages. --- ### SAFE Settings - Software access ✓ Default software: R, Stata, SAS, SPSS, MS Office. ✓ Code/library import: users may import software code associated with the standard packages above. These code imports use standard managed file transfer mechanisms under eDRIS control, and basic security checks are performed. ✓ Collaboration software: in development; not yet available. ✗ No software installation by users is permitted. --- ### SAFE Data - Data Access Mechanisms ✓ Data provisioning: scoped and minimized linked data provided on a per project basis. See the eDRIS Data Linkage Process pages. ✓ Reduce re-identification risk by separation of concerns – EPCC, eDRIS and National Records of Scotland provide a triple lock on re-identification. ✓ Receive data: all data transfer is via managed file transfer (MFT) service SERV-U under eDRIS control. All requested datasets are included in initial project applications and are approved for use in combination. No datasets may be added without additional approval. - ✓ Linked data: yes, approved datasets only; linkage during project setup via eDRIS. - ✓ Sensitive data: yes, approved datasets only; users may not import data. - ✓ Open data: yes, approved datasets only; users may not import data. ✓ Record linkage: linkage performed using study-specific ID numbers derived from encrypted CHI. --- ### SAFE Outputs - Data Output/export ✓ Aggregate level graphs and tables. In general exported data are aggregate results for inclusion in papers etc. However, since all data egress is subject to disclosure control by eDRIS, a request to eDRIS to export any data type can be made, provided the export would be allowed by the data controller. In practice this means that what can be exported is limited and tightly controlled. ✓ Export plans: none specified. ✓ Data transmit to other SAFE Settings: mechanisms are in place for us to transfer data via MFT to external locations, provided such a transfer is within the terms of the IG approvals for a specific project / data set. ✓ Statistical disclosure control process in place.

Datasets & BioSamples (3)

Mental Health Inpatient and Day Case - Scottish Morbidity Record (SMR04)

Dataset population size: Unknown

Health and disease

Child Health Systems Programme - 13-15 Month Review

Dataset population size: Unknown

Health and disease

National Records of Scotland (NRS) - Deaths Data

Dataset population size: Unknown

Health and disease

Analysis Scripts & Software (0)

Data Uses (17)

UK evaluation of NHS support post-hospitalisation for COVID19 to inform service development and achieve holistic, integrated, equitable and cost-effective services (PHOSP-HSR)

London School of Hygiene and Tropical Medicine

Health, death, and cancers in people with learning disabilities and people with autism.

University of Glasgow

Association of lifestyle factors and pre-existing medical conditions with perinatal, childhood and maternal out_x0002_comes - a population-based linkage study

University of Glasgow

UK Biobank prospective cohort – longitudinal follow-up through linkage to health-related records

UK Biobank

PHOSP working group parent study

Imperial College London

Measurement of blood viral load and prediction of persistent disease

University of Leicester

Publications (4)

Impact of COVID-19 lockdown on the incidence and mortality of acute exacerbations of chronic obstructive pulmonary disease: national interrupted time series analyses for Scotland and Wales.

Alsallakh MA, Sivakumaran S, Kennedy S, Vasileiou E, Lyons RA, Robertson C, Sheikh A, Davies GA, EAVE II Collaborators.

2021

Association of cerebral venous thrombosis with recent COVID-19 vaccination: case-crossover study using ascertainment through neuroimaging in Scotland

McKeigue PM, Burgul R, Bishop J, Robertson C, McMenamin J, O’Leary M, McAllister DA, Colhoun HM.

2021

Assessing medication use patterns in patients hospitalised with COVID-19: a retrospective study.

Mueller T, Kurdi A, Hall E, Bullard I, Wapshott J, Goodfellow A, Platt N, Proud E, McTaggart S, Bennie M, Sheikh A, EAVE II Collaboration.

2022

Adoption of high-sensitivity cardiac troponin for risk stratification of patients with suspected myocardial infarction: a multicentre cohort study.

McDermott M, Kimenai DM, Anand A, Huang Z, Houston A, Williams S, Evison F, Gallier S, Carenzo C, Glampson B, Hasan M, Robertson A, Phillips T, Davis C, Sapey E, Mayer E, Mason S, Stammers M, Mills NL, HDRUK Regional Linked Data Driven Evidence Network.

2024