The Scottish Government is committed to improving Scotland’s future through the production of high quality data, analysis and evidence to inform policy and support improved service delivery. One approach we are taking to achieving this is through data linkage; Joined Up Data for Better Decisions outlines our strategy for better use of data that already exists in Scotland including the establishment of a Data Linkage Framework, with the Guiding Principles for Data Linkage supporting the creation of a culture where legal, ethical and secure data linkage is accepted and expected.
In collaboration with our public sector partners, the Scottish Government has developed a process to enable responsible, efficient and effective data linkage in line with the Data Linkage Framework. This approach is being delivered through the Scottish Informatics and Linkage Collaboration (SILC); a public sector partnership initiative. The Scottish Government has provided funding for 60 linkage projects (Scottish Government and Public Sector) to be supported through SILC, with advice and assistance provided by eDRIS, a SILC partner.
Data linkage projects should provide a proportionate balance between privacy, mitigating the risk of identification, and realising the public benefits. To help data controllers make decisions about granting access to their data, data linkage projects must be reviewed by a Public Benefits and Privacy Panel and an Ethics Panel. These panels provide objective advice to make sure all consideration has been given to protect individuals, whilst making sure that the potential research is in the interests of the public and that it is of value to society.
Data linkage projects must demonstrate public benefit and the ethical and secure use of data in addition to demonstrating the data is processed lawfully in line with the Data Protection Act 1998. This means that an organisation must have a legal power to share the data. If an organisation exceeds its legal powers or exercises those powers improperly then it will be unlawful. Data linkage proposals must identify the ‘legal gateway’ being used to share the necessary data to undertake the research project.
The process flow to apply for and complete a Scottish Government funded linkage project can be seen below. It involves completing a number of required forms and documents. Advice and assistance with completing these is provided by eDRIS and the Office of the Chief Statistician and Strategic Analysis (OCSSA). Where possible these forms and documents have been aligned to make sure that information provided is transferable throughout the process and that they comply with the Data Protection Act 1998 (DPA) and the Guiding Principles for Data Linkage.
1. Application Process
(i) The Scottish Government and wider public sector invite applications to support data linkage projects that are in the public interest. The SG and eDRIS can provide advice and support with filling in the application form before it is submitted to the Analytical Leadership Group for approval.
(ii) As part of the process, applicants are also asked to submit a draft Data Protection Impact Assessment (DPIA). Completing an assessment early in a project can identify and mitigate risks to privacy, and identify the ways an organisation or project can effectively comply with data protection regulations. It should be updated throughout the project as and when issues are raised.
The Information Commissoner's Office have published guidance on privacy by design. Additionally, you can sight the DPIA template that has been produced for internal use.
Under the General Data Protection Regulation (GDPR) a data protection impact assessment (DPIA) is required for all projects involving personal data and privacy. This form was formerly known as a 'privacy impact assessment' under the Data Protection Act 1998.
2. Approvals process
(i) There are currently two Public Benefit and Privacy Panels operating in Scotland. Health has a specific process for granting access to its data. If the linkage project involves health data then it will need to be assessed by the Health Public Benefit and Privacy Panel. eDRIS provide support to researchers applying to this panel.
If the linkage project does not involve health data, the application form (above) has been designed so that it is aligned with the Statistics Public Benefits and Privacy Panel and can be submitted directly once the Analytical Leadership Group has granted approval for the project to be undertaken.
(ii) Depending upon what data is being used in a linkage project and where this data is held will identify what Ethics Panel should be approached to review a linkage project. If a linkage project involves the use of health data, a Health Ethics Panel should be used. eDRIS can support researchers to identify and apply to the correct panel. Similarly, each University has its own Ethics Panel that should be used when academics are leading a study that does not involve health data. For linkage projects that do not involve health data and are not led by an academic, the UK Statistics Authority have established a Statistics Ethics Panel. The OCSSA can provide support to statisticians applying to this panel.
(i) Before the data can be shared a Data Sharing Agreement needs to be written and signed by all of the data controllers involved in the project. This is an agreement that clearly details what everyones' role is and what is being done to make sure the project is legal and secure. Please get in touch if you require a template to help you write one.
(ii) If the project requires a third party for linkage or to provide separation of functions then a Data Processing Agreement will need to be signed between the parties clearly detailing what is required of each party. If all of the parties involved are public sector then a Memorandum of Understanding could be used instead.
4. Indexing and Linkage
National Records of Scotland can provide a service as a trusted third party indexing or linking agent, supporting a separation of functions and are also able to use their indexing spine to help improve linkage rates and data quality. eDRIS can also provide a service as a trusted third party linking agent.
5. Accessing Linked Data
Following the removal of personal identifiers ('pseudoanonymisation'), linked data must be stored in a secure environment and can only be accessed by an approved researcher(s). eDRIS manages Scotland's National Safe Haven, located at the Edinburgh BioQuarter, where linked data can be hosted to allow for access and analysis by researchers to be controlled and monitored. A number of 'local' Safe Havens are also available across Scotland to host data in a secure and controlled environment. Most 'local' Safe Havens are hosted and managed by NHS Scotland Boards or through an NHS Scotland-academic collaboration.
Data can only be removed from a Safe Haven (and subsequently published), once all necessary measures have been undertaken to limit the possibility of identifying an individual within the linked data outputs. If there is any possibility that an individual may be identified in the outputs, the appropriate statistical disclosure control methods must be applied to the data before it is published. eDRIS can provide a disclosure control service if required.
For further information on undertaking a data linkage research project, contact the data linkage team, via Claire.Wainwright@gov.scot or eDRIS at nss.eDRIS@nhs.net.