Skip to content
Home > Hospitals And Services > Services A to Z > West of Scotland Safe Haven > About Safe Havens

About Safe Havens

The Safe Havens in Scotland meet the national need for rapid access to high quality health data for research purposes. The programme created a Scotland-wide research platform for the collation, management, dissemination and analysis of anonymised Electronic Patient Records (EPRs).

NHS Greater Glasgow & Clyde, in collaboration with the Robertson Centre for Biostatistics, began an ambitious itinerary of work in 2011 to develop a Safe Haven to complement this national programme and create a Trusted Research Environment (TRE) that provides the required levels of security to support access to local healthcare data for service and research purposes. The NHS collects vast amounts of data every day; this could be about you, your family, or people that you know, but most of this information belongs to people you are never likely to meet. The NHS is the custodian of this information, not the owner. As custodians we are responsible for the safe keeping and security of all information that we collect. All the personal health information we hold meetds our legal and ethical obligations of confidentiality.

A Safe Haven is a secure physical location and agreed set of administrative arrangements designed to safely store NHS data for research. The service safeguards confidential information used for research purposes. Any researchers applying for access to health data must adhere to the Safe Haven principles.

The unique patient identifier (CHI number) links to the patient record. Prior to release, data is de-identified. Researchers are responsible for ensuring that they handle information with care and respect. Researchers take responsibility to protect this information. They must ensure that whilst in their care they have done everything possible to protect this information, and comply with the Caldicott Principles and Data Protection requirements (see Caldicott Principles section).

Laws and rules governing patient data include:

  • statute law, e.g. the Data Protection Act 2018 & 1998, the Human Rights Act 1998, the Infectious Disease (Notification) Act 1889, Adults with Incapacity (Scotland) Act 2000, the Abortion Act 1967, and many others;
  • the common law in Scotland on privacy and confidentiality (which requires either consent or a legal or public interest requirement for disclosure);
  • professional standards; and
  • the policies and organisational standards of the Scottish Executive Health Department (SEHD) and NHS Scotland
    Accurate and secure personal health information is an essential part of patient health care.

The NHSGGC Safe Haven provides a service that:

  1. Protects the confidentiality of patient information;
  2. Commands the support and confidence of public, patients and all staff, students, volunteers and contractors working in or with NHS Scotland;
  3. Complies with best practice;
  4. Conforms with the law;
  5. Promotes patient care, the running of care organisations, and the improvement of health and care through knowledge; and
  6. Works in partnership with other organisations and has clearly established and communicated protocols for sharing information.