Taking part and data security

We are responsible for ensuring the information collected from the study members is kept and handled securely and confidentially. It is also our duty to make sure the research carried out is ethical; protecting the rights, safety, dignity and wellbeing of our study members.

All the study members participate voluntarily and have the right to withdraw at any time without giving a reason.

 

Information Security

We take data security very seriously and adhere fully to UCL data security policies and procedures. UCL is the Data Controller, and is responsible for ensuring that all data are securely stored, handled and used in accordance with the Data Protection Act 1998. UCL’s data policies and procedures for storing and handling SABRE data have been approved by the NHS Information Governance Framework and are compatible with MRC policies and procedures. The Director of the SABRE study remains the Data Custodian and, on a day to day basis, oversees the way in which the study team looks after study members’ data.

How is my data stored?

All contact information, such as names, addresses and telephone numbers of study members, are stored on a computer system that is isolated from all other computer systems and is protected by digital access control, full auditing, and other security systems, so that the risk of unauthorised access to this information by anyone is extremely low. This system is also physically locked down and is only accessible by authorised personnel.

Your individual responses to survey questions are stored on a completely separate system that is protected by firewall and other security measures to prevent unauthorised access. These responses are coded with an arbitrary reference number, which means that researchers analysing results never see any contact information. We require members of the research team and our collaborators who are given permission to use any of the anonymised data to sign a memorandum outlining required security practices and procedures. These data are only used for research purposes.

The consent forms are kept locked away in a secure filing cabinet, separate from the secure storage of the questionnaires.

Who will have access to my records and how will the information be used?

The use of the information and biological samples are managed by the SABRE data sharing committee.  Anonymised data and samples may be shared with other bona fide scientists who submit a data request form. Anonymised data is where identifiable information has been removed and data cannot be reidentified.  The data requests are reviewed by the data sharing committee, which is chaired by the Director of the SABRE and consists of senior scientists and operational heads. SABRE data sharing policies and processes meet the requirements and expectations of UCL policy on sharing of data from population and patient cohorts, and ensure that the use of data is within the bounds of consent given by study members, complies with UCL guidance on ethics and research governance, and meets rigorous UCL data security standards.