Working with data controllers

BREATHE does not control the access to, or use of, any health data. We work with organisations that hold and manage existing respiratory datasets-known as data controllers.

Data controllers can include NHS organisations, charities, universities and companies. These organisations retain control over how and why health data is used during any interaction through BREATHE.

Find out about the steps we take to protect privacy below.

Keeping data safe

Health data should always be kept safe and secure, and used responsibly to ensure privacy.

BREATHE follows the recognised ‘Five safes’ set of principles, which provide multiple safeguards for ensuring the security and privacy of patient health data:

  • Safe People: Only trained and specifically accredited researchers can access data
  • Safe Projects: Data is only used for ethical, approved research with the potential for clear public benefit
  • Safe Settings: Access to data is only possible using secure technology systems
  • Safe Data: Researchers only use data that has been de-personalised to protect privacy
  • Safe Outputs: All research outputs are checked to ensure they cannot be used to identify data subjects

Find out more about how health data is kept safe from Understanding Patient Data

Keeping data safe

Accessed through secure platforms

Trusted Research Environments are highly secure spaces for researchers to access data.

They provide approved researchers with a single location to access valuable datasets, and analytical tools to work with the data. They are based on the idea that researchers should access and use data within a single secure environment. In other words: researchers must go to the data, the data doesn’t travel to them.

Trusted Research Environments have multiple layers of security in place, designed to minimise the risk of anyone’s data being misused.

Find out more about Trusted Research Environments from Health Data Research UK

Our primary Trusted Research Environment is SAIL Databank

BREATHE has partnered with Swansea University to use SAIL Databank as our primary Trusted Research Environment.

With over a decade of experience, SAIL Databank has established processes and procedures which ensure total anonymity at all times, whilst allowing research to proceed for the benefit of patients and the wider public.

SAIL Databank does not receive or handle identifiable data. Commonly recognised identifying details, such as name or contact details, are removed before datasets enter SAIL Databank and once anonymised they cannot be reconstructed.

Requests for access to data held within SAIL Databank are reviewed by an independent Information Governance Review Panel, including members of the public, to ensure that only trusted researchers with questions likely to result in patient benefit can work with the data. For any requests to access data through BREATHE, one of our patient representatives will sit as part of this panel.

Find out more about data privacy and security at SAIL Databank

Our primary Trusted Research Environment is SAIL Databank