Tom Harrison, our Senior Policy Officer, shares some of Understanding Patient Data’s views on Trusted Research Environments, drawing on our response to Health Data Research UK’s recent consultation.  

What are Trusted Research Environments? 

Trusted Research Environments (TREs) are a secure space for researchers to access sensitive data. Commonly referred to as ‘data safe havens’, TREs are based on the idea that researchers should access and use data within a single secure environment.  

TREs have been set up across many academic institutions, often in partnership with public agencies. They vary widely in scope and purpose; some are long-established, and others are being developed rapidly in light of Covid-19. 

Live examples: 

  • OpenSAFELY is a collaboration between academics and health record software companies to analyse NHS primary care records from more than 24 million patients to understand the impact of Covid-19 in the UK. 

  • Secure eResearch Platform (SeRP) - which includes the Adolescent Mental Health Data Platform (ADP), Dementia Platform UK (DPUK) and SAILBANK – has enabled researchers to access data derived from millions of depersonalised health records since 2011. 

TREs differ from other more traditional models of data use where researchers receive downloads of data to analyse on their own systems and software. In a TRE, users go to the data, the data doesn’t come to them. This provides greater assurance that data is handled securely, as data use can be tracked and technical safeguards ensure no data leaves the secure environment.

How could they improve?  

Despite trust being inferred by the name, TREs vary in how they approach the important issue of maintaining public trust. Indeed, while TREs can provide some of the technical tools for trustworthiness, such as data security and strong anonymisation processes, we know there are other factors that need to be considered. 

We therefore welcome Health Data Research UK’s plan to align approaches to TREs across the 30 NHS and research organisations in its Alliance. It’s a great opportunity to reflect on what the public expects to happen to data about them and to build these views and values into how TREs operate in the future.  

The 3 factors outlined here we hope will provide some instruction to institutions wanting to set up or improve TREs with trustworthiness in mind. 

1. Managing risk to ensure public benefit 

People want to know that public and patient benefit is prioritised when health data is used. But it is important to acknowledge that health data science often involves trying new things, for example linking datasets in novel ways or developing new methods to spot trends and patterns in data. Calculated risks may be necessary to produce research that is likely (though not guaranteed) to have a public benefit.  

As such, while it’s welcome that HDRUK has reaffirmed its commitment to the internationally recognised ‘Five Safes’ model for data use in TREs - as it offers a strong, clear structure for safeguarding health data - it’s important to take an approach that seeks to minimise risk rather than eliminate it entirely. 

The only way to eliminate risk would be to not use the data at all. So, while risk management is critical to get right, it need not involve overly burdensome processes that prevent research that could benefit the public.  

Quote about importance of public benefit

2. Involving people 

People feel a sense of ownership over health data and want to be involved in decisions about its use, even if they cannot be identified from the data.  

In a recent national survey co-commissioned with NHS England, we found that 74% of people believe the public should have a say in how NHS-held data is used. We suggest that a ‘learning data governance’ approach could help TREs build public views into their decision-making processes and learn from what works and what doesn’t. 

3. Transparency about third party partnerships 

Controversy about commercial access to health data has led to concern about companies that provide software and hosting services for data – even if they don’t use or access the data themselves. Institutions hosting TREs therefore should be conscious of which third parties (private companies, universities, charities) are involved in the infrastructure and management of TREs.  

Organisations running TREs should be open about the role of third parties, the terms of their contracts, what they are and aren’t allowed to do with the data, and why they were chosen to be involved. Commercial confidentiality is often cited as a reason not to disclose this information, but there are good reasons to challenge the assumption that contracts can’t be public. 

Talk to us about building trust

If you’re working on a TRE and want to discuss the best ways to demonstrate trustworthy practice, please do drop us a line at  

You can read our consultation response in full here.