Transformation Directorate

Secure Data Environments (SDEs)

We know that data saves lives.

Data helps our doctors and nurses to make better decisions in delivering care and helps our researchers to discover life-changing new treatments. Our recent strategy set out how we can use data more effectively and save even more lives by making the NHS more data driven.

As the use of data increases, it is important we continue to handle patient data safely and ethically. To achieve this, the Department of Health and Social Care and the NHS in England are investing to move from processes that rely on data being shared, to a system where data is accessed. This will be done using online platforms known as Secure Data Environments, which are designed to give NHS data more protection.

What is NHS data?

The NHS has recorded data about every interaction with each patient and service user since 1948, much of it now in digital form. The NHS keeps our health and social care records safe to ensure we get the care we need.

These health records can also be very useful for analysts and researchers to look at trends and patterns across the whole population. To do this, individual level information is combined to form large sets of data . This looks very different to a person’s medical record. The combination of all this different information is what we call “NHS data”.

Why is research and analysis using NHS data valuable to the public?

NHS data can be used to answer a huge variety of problems. These range from problems that affect the whole population, to those that impact small groups of people with rare conditions. Because of the diversity of the UK population, NHS data has enormous value.

Examples of people that use NHS data:

  • NHS analysts, to check the quality of existing services and identify potential improvements.
  • Medical researchers, to gain a deeper understanding of diseases and identify new life saving medicines and treatments.

What is the current process for using NHS data for analysis?

Research and analysis are currently carried out through a process that involves data being shared. When a researcher or analyst wants to use NHS data they must go through a rigorous application and assessment process, known as the Data Access Request Service (DARS), before it can be shared. The current procedures do a good job to make sure patient data is kept safe, privacy is protected, and that data sharing is of benefit to patients. However, there are things we can do better to improve the current procedures.

What is a Secure Data Environment?

Secure Data Environments are data storage and access platforms, which uphold the highest standards of privacy and security of NHS health and social care data when used for research and analysis. Secure Data Environments give approved users access to relevant health data for research and analysis, without the raw data ever leaving the Secure Data Environment. The organisation providing the Environment can control many factors, including;

  • Who can be a user;
  • The data that users can access;
  • What users can do in the environment;
  • The findings of analysis that users can remove.

Why is the NHS making this change?

There are many things that improve through Secure Data Environments, including:

  • Patient privacy. Secure Data Environments must apply techniques to remove personal details. This makes sure that patient information remains confidential.
  • Security. As NHS data will only be hosted on systems that can prove they have high levels of protection.
  • Efficiency. The process of preparing data so it is ready for analysis research can take time. Secure Data Environments enable many different sources of data to be linked, so prepared data can be more easily accessed if needed again. This means that researchers and analysts can access bigger sets of data faster. This will speed up how quickly the NHS can make decisions and the discovery of new treatments.

What wider rules apply to Secure Data Environments?

Secure Data Environments must comply with the robust existing legal frameworks to keep data safe and used correctly. The UK has high data protection standards to control how personal information is used. These include;

Secure Data Environments must also adhere to the Five Safes framework, an internationally recognised system promoting the best practice in data security and privacy.

How will Secure Data Environments be delivered?

You can read the latest updates and learn about work in progress to implement Secure Data Environments here.

If you are interested in receiving more information about what we are doing and why, please email

Related Pages