The four Safe Havens in Scotland were established as part of a national need for delivering research excellence and the need for rapid access to high quality health data for research purposes. They were developed in line with the SHIP blueprint which outlined a programme for a Scotland-wide research platform for the collation, management, dissemination and analysis of anonymised Electronic Patient Records (EPRs).
NHS Greater Glasgow & Clyde, in collaboration with the Robertson Centre for Biostatistics, began an ambitious itinerary of work in 2011 to develop a Safe Haven to compliment this national programme and create a physical and electronic area that provides the required levels of security to support access to local healthcare data for service and research purposes. The NHS collects vast amounts of data every day; this could be about you, your family, or people that you know, but most of this information belongs to people you are never likely to meet. The NHS is the custodian of this information, not the owner. As custodians we are responsible for the safe keeping and security of all information that we collect. All personal health information is held under strict legal and ethical obligations of confidentiality.
A Safe Haven, in terms of NHS data, is a secure physical location and agreed set of administrative arrangements that are in place within the organisation to ensure confidential personal information is communicated safely and securely. It is a safeguard for confidential information which is being used for research purposes. Any researchers applying for access to health data must adhere to the Safe Haven principles.
When data is un-consented, the unique patient identifier (CHI number) can be used to link patient records, to both retrospectively and prospectively collected data, provided that the linked data is de-identified prior to release (see Anonymisation section). Researchers are responsible for ensuring that they handle information with care and respect. It is their responsibility to protect this information from those who are not authorised to use it or view it. They must ensure that whilst in their care they have done everything possible to protect this information, and comply with the Caldicott Principles and Data Protection requirements (see Caldicott Principles section).
The use of information about patients is governed by:
*CSAGS Report - Confidentiality and Security Advisory Group for Scotland, 2002
Accurate and secure personal health information is an essential part of patient health care. The NHSGGC Safe Haven provides a service that: