How is my data protected?
CUH has strict measures in place to ensure that patient data is always stored safely and used appropriately, whether for research or patient care. When patient data is used for research, the names, contact information and unique details that are linked to a person (such as their NHS number and hospital numbers) are removed from the data before it is analysed by study researchers. This process is called ‘de-identification’.
All research studies conducted at CUH must be approved by our Research and Development (R&D) Department who check that the research has the correct regulatory approvals, including assessment by the Health Research Authority and/or review by the NHS Research Ethics Committee service, when required.
The R&D Study Review Committee also carefully check all applications requesting de-identified patient data for research studies. This Committee confirms that any requests for data come from legitimate research organisations with qualified researchers, and that the proposed projects are likely to contribute to improved patient care. They consider whether the data requested is necessary for the proposed study and how it will be kept safe. A legal agreement known as a ‘Data Sharing Agreement’ is also signed by researchers, specifying that they can only use the data for the agreed purposes and cannot try to identify patients or share the data further. There are financial and legal penalties if these agreements are breeched.