Data Access and Governance
This page contains information about the CCBS Data Access and Governance (DAG) Committee, plus links to useful guidance and resources related to data management, storage, sharing and archiving.
The CCBS DAG commitee
The CCBS Data Governance and Access (DAG) committee comprises Investigators, IT Specialists & Data Management Experts from across CCBS: Clinical Neuroscience, Psychiatry and Neuroimaging. There are approximately 25 members.
The committee was formed in May 2016 and meets annually.
New members are welcome.
General Data Protection Regulations (GDPR)
CCBS operates under the University of Edinburgh regulations and guidelines so please ensure that your activities (research or otherwise) are compliant.
Please ensure you have done the first two training courses, and the third too if you are a researcher:
Data Protection Impact Assessments (DPIA)
You must conduct a DPIA when commencing a new project, be it research / procurement / event / newsletter etc...
Please refer to the following checklist which covers privacy notices, DPIAs etc along with some sample wording.
Data Management Resources
University of Edinburgh Research Data Service
There are sample DMPs available and the team can provide practical assistance with writing data management plans, if enough notice is given.
Digital Curation Centre
Training in Research Data Management
Medical Research Council Data Sharing
Other University of Edinburgh Resources
University of Edinburgh Records Management (practices and procedures, data protection and freedom of information)
University of Edinburgh Information Services policies & regulations (computing, information security, research publications & data management)
SafeHavens / Trusted Research Environments
The following information has been kindly provided by David Perry, Head of Scientific Computing, IGMM.
A SafeHaven or Trusted Research Environment (interchangeable terms) is a system for storing restricted and controlled data  where there is a requirement to control user access to the data and control ingress & egress of data from the system by any means .
 Data that do not belong to the University, provided by external bodies under Non-Disclosure Agreement or Data Processing Agreement where confidentiality and integrity must be preserved; OR data that do belong to the University but are highly restricted and confidential.
 Data must not be able to leave the system without some form of approval process. Controls must include how Users interact with the data but also how the system is managed and maintained; e.g., secondary copies of data on data backup tapes; how storage media utilised by the system are decommissioned; how Support Engineers are allowed to access these systems - staff and contractors. There will need to be some form of GateKeeper role / process for ingress & egress that includes auditing / approvals.
What is available at the University of Edinburgh?
The University of Edinburgh doesn’t currently have a SafeHaven that is available for use by staff.
There is the Farr Institute’s SafeHaven and other Commercial offerings such as from Aridhia.
The University is aiming to build a SafeHaven in 2017. For more information please see the Data Safe Haven Service page on the UoE Projects website.
Member-suggested useful links
Creative Commons Licenses
A brief and useful overview, presented to the CCBS DAG Committee by David Rodriguez-Gonzalez 23rd Nov 2017:
The RCUK Concordat on Open Research Data
The Concordat highlights the principles of open science and where responsibilities lie. The take-home message is that data should be made freely available and citable (unless there is good reason not to, and with the right to reasonable first use). It is the responsibility of the University to provide resources and training, and the responsibility of the funder to support the cost.
The summary, and full document, are available in the DAG DataSync folder.
Access to information
Disclosure of confidential information
Department of Health Confidentiality: NHS Code of Practice (including supplementary guidance on Public Interest Disclosure)
Health and Social Care Information Centre (HSCIC) (now named “NHS Digital”)
Public Benefit and Privacy Panel for Health and Social Care (PBPP)
Incorporates The Community Health Index Advisory Group (CHAIG), NHS National Services Scotland Privacy Advisory Committee (PAC), and National Caldicott
Section 251 and the Confidentiality Advisory Group (CAG)
Got something to add?
Please send any suggestions for useful content to Rebecca.Devon@ed.ac.uk
CCBS DAG folder on Datasync: look here for committee agenda, minutes and other shared documents