Enabling researchers to work safely with sensitive data

Our open-source project is making it easier for other organisations to create secure computing environments

Last updated
Tuesday 28 Nov 2023

Answering the big research questions often requires the use of sensitive data, in domains like health, public policy, and defence and security. In order to glean insights from this data while honouring the need for security and privacy, researchers are increasingly turning to ‘trusted research environments’ (TREs) – secure computing environments that allow authorised researchers to work safely with sensitive data. 

Since 2018, the Turing’s Data Safe Haven project has been developing digital infrastructure to deploy cloud-based TREs for our researchers. In October 2022, the team made its open-source software repository public – a major milestone that allows others to freely adopt and adapt the Turing’s code and documentation to deploy and manage a TRE of their own. The TRE comes with a number of security controls, which can be configured to suit the project’s sensitivity level. One institute that is already making use of this open resource is the University of Nottingham, which has deployed the TRE infrastructure and made it available to any researchers working with sensitive data.

Illustration of the data safe haven concept
Illustration: Scriberia

By opening up this resource, the Turing team is saving other organisations from having to develop their own TRE infrastructure from scratch, while also encouraging collaboration in this space. Integral to the development of the project has been the Turing’s research application management team, which is helping to foster collaborations with other UK teams building and using TREs. In September 2022, Research Application Manager Hari Sood co-founded the UK TRE Community, which a year later gathered for the biggest meetup of UK TRE users and developers to date, with around 150 people from across the country sharing best practice and knowledge. 

The Turing was also a partner in the now-completed SATRE project, which in October 2023 released a reference technical specification for UK TREs that outlines the key requirements for a TRE across areas including information governance, computing technology and data management. TREs can be evaluated against this specification, providing a useful measure of their quality and helping to ensure that TREs such as the Turing’s Data Safe Haven meet community-agreed standards for security and usability.

“The University of Nottingham needed a secure computing environment for research involving sensitive data. Being able to adopt the Turing’s infrastructure has saved us a lot of time and money, and we are already using it for multiple health and engineering projects.”

Sam Cox, Senior Research Software Engineer, University of Nottingham

This is based on a piece that first appeared in The Alan Turing Institute’s Annual Report 2022-23
Top image: Song_about_summer

Authors