Sir Jonathan Montgomery, Professor of Healthcare Law at University College London and Chair of Oxford University Hospitals NHS Foundation Trust Sir Jonathan Montgomery discusses ethical considerations in relation to using patient data for research.
Approvals
The Health Research Authority (HRA) has given Section 251 support, following advice from their Confidentiality Advisory Group (CAG), for the development of the Thames Valley and Surrey Secure Data Environment. This provides the legal basis to allow access to the specified confidential patient information without asking for consent. We also have ethical approval from South Central – Oxford C Research Ethics Committees (REC).
CAG reference: 23/CAG/0046
REC reference: 22/SC/0330
As well as the data protection and ethical approvals described, data in the SDE is covered by a number of legal documents or contracts. These contracts set out the basis for processing and describe the legal roles and responsibilities of the organisations involved and form an important part of the SDE governance framework:
- Data flows into the SDE from the NHS
The first is a document that NHS provider organisations and the TVS SDE signs up to. This contract is known as the provider terms.
- Registration of research organisation and researcher
Second, research organisations who wish to ask for access to data in the SDE will have to sign a research organisation contract. These organisations will be asked to vouch for the researchers that work for them.
When individual researchers register with the SDE they will be asked to sign up to a set of researcher terms and conditions.
- Data access for an agreed research purpose
Finally, a research data access contract, signed by the research organisation and the SDE, will set out: the details of the data set requested, the purpose the data will be used for, data protection arrangements and intellectual property terms.
