We are committed to privacy by design across our data-intensive initiatives. This involves building robust privacy controls into all aspects of our work including meeting the requirements of information governance.
Proper information governance is not merely complying with legislation and regulations, but being innovative in operating models and engaging with the public and other stakeholders to demonstrate trustworthy data management and access.
Privacy by design involves a range of physical, technical and procedural measures applied directly to the data and to the surrounding data environment to ensure data safety and maintain data utility.
- The Data Science Building is a purpose-built secure facility, providing physical controls on data access. Data is protected by an array of technical safeguards at whole-system and individual-access levels. Procedural controls determine which data can be accessed and how data is used.
- The UK Secure Research Platform (UKSeRP) is a customisable technology and analysis platform that can be tailored to enact a required privacy-by-design model.
- The SAIL Databank is a national data safe haven of de-identified health-related data about the population of Wales, and it is hosted on UKSeRP. The SAIL privacy-by-design model has been carefully designed to meet legal and ethical requirements for the socially-acceptable use of population data. As a result, SAIL is internationally renowned; it has an unsurpassed reputation for the trustworthy reuse of population data and it forms the bedrock of many of our data-intensive initiatives.