Processes
| Term | Definition |
|---|---|
| Best Practice | A set of guidelines that, if followed, is known to produce good outcomes. Best practice may be based on different levels of research evidence and/or collective experience. |
| Consent | Consent is defined as individual providing freely given, specific, informed and unambiguous indication of their wishes to provide their data for processing relating to him or her. Consent within the context of data protection regulation is one of the grounds (lawful bases) for lawfully processing personal data in relation to an individual and is specific towards particlar activities. Research consent is the process of documenting an individual's choice to be involved in a research project(s) and typically called informed consent - this conveys that there is a process to allow participants to make a meaningful choiceInformed consent" is used to emphasise that understanding is crucial before agreeing, and typically applies when sharing personal data or participating in research studies. Research consent is commonly required for participation in clinical trials/research. Broad consent is a mechanism of gaining the consent of an individual who donates their biosamples and health data with a view to their future use in research, and may not be specific to a particular research project at the time of collection. Assent is the process of providing approval for data processing/involvement in research by an individual who is not legally eligible to do so (e.g. a child under the age of 16), and will be supported by an adult providing legal consent. Withdrawal of consent is both a legal and ethical right of the individual whose data is being processed, and must be respected in reference to data protection and research compliance. It allows an infividual to discontinue/rescind access to his/her data and prevent further processing. See also: Unconsented Data. |
| Data Discovery | The process of identifying and accessing relevant data sources for research or analysis. |
| Data Governance | Policies, procedures, and regulations that govern the collection, storage, access, and use of data to ensure privacy, security, and ethical considerations are addressed. |
| Federation | A grouping of organisations with their own policies and assets (e.g. datasets or computing resources) who agree to allow use of those assets by the broader group but without the assets leaving control or ownership of the organisation. Ordinary real-world examples of this are the United States of America, Germany or Australia, where member states have individual laws and governance but also subscribe to central policies to enable and encourage working together. |
| Five Safes | The Five Safes framework is a set of principles developed to guide researchers and organizations in handling sensitive data. See also: Five Safes 🔗. |
| Linkage of data (data linkage) | Joining two or more sets of data together using one (or more) pieces of information common to all (often called "common keys"). Linkage may be based on straightforward rules (“two records with the same NHS number are from the same person”) or based on probability (“if two records share the same forename, surname, and date of birth, they are more likely to be from the same person”). Links may be made using identifiable data (e.g. NHS number) or de-identified data (e.g. a research pseudonym). For example: joining a health dataset with an employment dataset using a common key based on individual names and addresses. |
| Public Dissemination | Communicating the findings of a research project or project information with the general public. |
| Trusted Research Environment (TRE) | A class of computer systems which enable researchers to access sensitive datasets across administrative boundaries whilst ensuring that overall control of the data stays with appropriate governance authorities. TREs include Secure Data Environments (SDEs) in the National Health Service in England, Safe Havens in Scotland, processing environments as defined in the Digital Economy Act 2017 (DEA) and Secure Processing Environments as defined in European Health Data Space legislation. TREs are typically operated according to information governance practices and processes modelled on the Five Safes approach developed by the Office for National Statistics (ONS). |