App-based information governance for trustworthy research environments

Delivering an open source 'information governance system in a box' to support data protection in trustworthy research environments

Project status

Ongoing

Introduction

How can researchers be confident that a trustworthy research environment is configured with the right level of protections for the data analysed within it, in line with data protection standards? Developed alongside the Turing's Data Safe Haven, the purpose of the Turing’s information governance app is to bring stakeholders with diverse perspectives on data protection – investigators, data protection experts, and other researchers – to assess datasets and arrive at a sensitivity classification for the data and the technical recommendations for the protections needed. This project is looking to make the app implementable at other institutions and organisations as an open source tool.

Explaining the science

This project is building towards an open-source version of the Turing Information Governance app that can be deployed by other research organisations to support their data management and trustworthy research environment infrastructure. We're preparing this release through a combination of technical work, user testing, and a deep understanding of the existing information governance processes and needs at different institutions. It also aims to provide a record of decision-making around information governance and data protection to comply with audit requirements. In the first phase, funded by Turing 2.0, the project team are seeking to set up the potential deployment of the app across the Turing, UCL, and Cambridge.

Project aims

This project is building towards an open-source version of the Turing Information Governance app that can be deployed by other research organisations to support their data management and trustworthy research environment infrastructure. We're preparing this release through a combination of technical work, user testing, and a deep understanding of the existing information governance processes and needs at different institutions. It also aims to provide a record of decision-making around information governance and data protection to comply with audit requirements. In the first phase, funded by Turing 2.0, the project team are seeking to set up the potential deployment of the app across the Turing, UCL, and Cambridge.

Applications

There are growing numbers of trustworthy research environments being deployed across academia and other research intensive fields to offer increased data security and comply with data protection legislation. One major growth area for this type of digital infrastructure is the NHS, where secure environments to analyse data in reproducible ways are urgently needed, as highlighted in the recent Goldacre review Better, broader, safer: using health data for research and analysis. However, deciding what level of protection a particular dataset needs is not always straightforward, since it depends on the type of data, how it has been processed, and how it will be used in the analysis. Typically, assessing these aspects of datasets requires a form or meeting, which can often feel unconnected to the rest of the research process. The process can also vary between departments and institutions, making it difficult to come to a consensus on how trustworthy research environments should be configured for interdisciplinary projects.

Recent updates

March 2022

Becky Ossleton presented at the UKRI Cloud Workshop, titled "Data Safe Haven Classification and Trusted environments in the cloud: extending a Turing Django based application across multiple institutions".

Organisers

Collaborators

Researchers and collaborators

Contact info

Arielle Bennett
[email protected]