Ensuring the Trust in Trusted Research Environments

Suzy Gallier, our Technical Director shares her thoughts on Trusted Research Environments and the work undertaken by PIONEER in their work with Health Data Research UK.

What are Trusted Research Environments?

Trusted Research Environments (TREs) are increasingly being set up and used for research.  But what are they?

A TRE is a computer system which can hold electronic data which can then be analysed by researchers. This doesn’t sound like anything new but the different thing about TREs are that they are secure platforms which monitor what data is placed into the system, allow only authorised researchers from any location to log on to perform the analysis, and prevent any data being added to the platform or removed without permission.  The benefits of TREs are that data does not have be sent to lots of different analysts to do their research.  Effectively, the analysts come to the data rather than the data being sent to the analysts.

Just because the word ‘trust’ is in the title, TREs can differ significantly with how secure they are.  PIONEER has worked with industry experts to ensure we have built a secure research environment which genuinely is “secure”.  To verify the security of our TRE we commissioned QinetiQ (who test and evaluate Ministry of Defence systems and ensure they are protected from hackers) and we are pleased to report that the PIONEER TRE was assessed as being highly secure – just what you need when you are holding sensitive patient data – even if it is de-identified.

The more traditional models that TREs are replacing involved data being sent to, or downloaded by, researchers to their own systems and environments, such as laptops.  The PIONEER TRE has settings to ensure no data can be ingressed (put onto the system) or egressed (removed from the system), ensuring our data is handled securely and all the appropriate safeguards are in place.  The key safeguards include a firewall (a barrier that performs several functions but the primary aim is to prevent intruders accessing our system) and user authentication (requiring at least two pieces of identification when logging on to the TRE).

Understanding Patient Data aims to make the way patient data is used more visible, understandable and trustworthy, for patients, the public and health professionals.  They outline three factors for organisations seeking to establish or improve the trustworthiness of their TREs.  These factors are:

  1. Managing risk to ensure public benefit
  2. Involving people
  3. Transparency about third party partnerships

The UK Health Data Research Alliance published its green paper “Trusted Research Environments (TRE): A strategy to build public trust and meet changing health data science needs” in July 2020 – informed by lots of conversations with people who use data for research and patients and members of the public.

The PIONEER data hub has built its processes based on a framework for data sharing which was designed by patients and members of the public.  This framework has also informed how we have built, tested and run our TRE.

My team’s function is to ensure we maximise the benefits to patients through the use of the acute health care data PIONEER holds, while maintaining security at all times.  PIONEER has adopted the ‘Five Safes’ Framework to managing our data:  Safe people; Safe projects; Safe settings; Safe outputs; Safe data.

What are the next steps for TREs?

In September 2021, Simon Madden, Director of Data Policy, and Catherine Pollard, Director of Tech Policy, reflected on NHSX’s plans to champion Trusted Research Environments (TREs) and the draft of their Data Strategy for health and care.  HDR UK, including PIONEER, are ensuring we are part of the national consultation around TREs, so that we are aligned with their vision for a safe, secure network of TREs, working to benefit our patients and the wider population.

In my next blog, I will focus upon the changes we can expect for TREs in the coming months.  The next phase for TREs are going to test and support designs where only the code written to analyse the data moves.  Therefore the code comes to the data, rather than the data going to the analyst.  This novel approach brings numerous advantages, but is technically challenging, which I will cover in the next blog.

Leave a Reply

Your email address will not be published. Required fields are marked *