1 / 8

UCL Data Safe Haven: Secure Infrastructure for Sensitive Data Handling

Learn about UCL's Data Safe Haven, a certified and secure infrastructure that provides a technical solution for storing, handling, and analyzing identifiable data. The service offers desktop experience, database and server environments, and meets the requirements of the NHS Information Governance Toolkit and ISO 27001.

cjason
Download Presentation

UCL Data Safe Haven: Secure Infrastructure for Sensitive Data Handling

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Infrastructure for Sensitive Data at UCL James A J Wilson October 2019

  2. Research Data Services at UCL

  3. Research Data Services at UCL

  4. Data Safe Haven Overview • Live since 2013 • Service provides a technical solution for storing, handling and analysing identifiable data • Providing a desktop experience (using Citrix XenDesktop technology), with the capability of providing database and server environments • It has been expressly designed to meet the requirements of the NHS Information Governance Toolkit and has been certified to ISO 27001 • Built using a walled garden approach, where the data is stored, processed and managed within the security of the system, avoiding the complexity of assured end point encryption • A data transfer mechanism enables information to be transferred into the walled garden simply and securely (and exported with appropriate permissions) • Dual factor authentication • Security mechanisms ensure data can’t be accidentally removed from the Data Safe Haven environment

  5. Data Safe Haven Topology

  6. The Information Governance Toolkit Contains a set of requirements that have to be met Managed by NHS Digital and provides assurance to the Department of Health Required for Section 251 and is an option for other data providers, such as the ONS. UCL has adopted the ‘Hosted Secondary Use Team / Project’ view of the IG Toolkit. This is made up of 14 requirements Additional requirements for some data sets, such as ONS mortality

  7. Data Safe Haven Roadmap • Significant improvements to compute power • Petascale storage • Hadoop/HDFS services for advanced analytics • Rapid provisioning • Metadata standardisation with the data repository • Archiving

  8. Wider Issues with Storing Sensitive Data • Sig

More Related