Data security in the TRE

How our TRE provides security, confidentiality, and privacy when handling data.

On this page

Data security

Our TRE provides security, confidentiality, and privacy to data received, managed and provisioned. Sensitive data is received via a secure encrypted transmission and is stored, quality assured, and processed on secure servers, in secure work areas. Our data security follows best practices for managed infrastructure. We use multi-layered security controls and robust monitoring.

Diagram representing a simplified overview of our TRE infrastructure with the Five Safes Framework.

This diagram represents a simplified overview of our TRE infrastructure with the Five Safes highlighted in blue. Our TRE represents the Safe Setting for secure research analysis. The Safe Data framework at HIC includes our TRE and the flow of data from the NHS network. Our processes enable Safe Outputs which means no sensitive data can get out of the TRE. We have strict output checking processes and security measures to support this. Safe People are our TRE users with appropriate training. Safe Projects are the research studies with appropriate information governance approvals in place. The traffic light colour coding shows the flow of sensitive data (in red) from the NHS, to HIC and hosting in the TRE.

We are ISO27001 accredited to host NHS Scotland data, and have the Data Security and Protection Toolkit allowing us to host NHS England data too. We are currently awaiting accreditation under the Digital Economy Act 2017.

Get in touch

HICSupport@dundee.ac.uk