Marking 10 years of UKDS SecureLab

Matthew Woollard, Director of the UK Data Service, takes us through the origins of the SecureLab – and his hopes for its future.

The UKDS SecureLab was originally known as the Secure Data Service (SDS) back in 2011 and was developed to complement the Office for National Statistics’ (ONS) Virtual Microdata Library by providing secure remote access to personal data for researchers within higher education. Previously, researchers had to travel to the ONS office to access the data. Uniquely, the SDS also offered users a truly virtual “lab space”, where projects could be undertaken from start to finish – long before other Trusted Research Environments became available across the UK. It still remains today that all of an individual user’s research takes place within their own area in the system, from the first examination of the data to the writing of the final paper.

From SDS to UKDS SecureLab – our origins

The original award for the Secure Data Service started on 1 October 2008 under the direction of founder Melanie Wright at the UK Data Archive, University of Essex. The whole department ensured the technical infrastructure and information security features required to carry out the Service were up and running. The efforts required to achieve certification to ISO 27001 were made across the UK Data Archive and not just the SDS project. The project was renamed UKDS SecureLab in 2011, to differentiate from the ONS Secure Research Service (SRS).

Improvements to the SecureLab are made continuously — some of these, like the increase in the numbers and range of datasets available are obvious to see. Others like the addition of new software for researchers are not always visible to users.

Adopting Five Safes

The Five Safes were originally developed in ONS during the early 2000s and we were early adopters, working closely with ONS and DataLab from Her Majesty’s Revenue and Customs (HMRC) office. The Five Safe Principles enable data services to provide safe research access to protected data and ensure outputs remain safe in terms of identifying factors. The Framework is acknowledged as best practice in data protection and in 2020 was adopted by numerous other Trusted Research Environments (TREs) within the UK, including Health Data Research UK (HDR-UK) and National Institute for Health Research Design Service(NIHR). The Five Safes Framework continues to be flexible enough to allow modifications to the implementation of the SecureLab system, whilst remaining rigid enough to give data controllers absolute confidence that personal data is being used and protected appropriately.

Facing COVID-19 and fresh challenges

With the onset of the COVID-19 pandemic, we faced an unprecedented challenge to ensure safe research could continue, from home. In the space of a few weeks, we had developed a new system that would maintain our users access to SecureLab even while lockdown confined all the Service staff, SecureLab researchers and data providers to their homes. The UK Data Service approached all the relevant data owners to see whether they would allow us to modify the access criteria for SecureLab. Additional restrictions were put in place to mediate against any potentially incurred risks – thereby using the Five Safes framework to adequately ensure safe research could continue.

With over 930 active users of SecureLab at present, I am confident that we can continue to work closely with the Economic and Social Research Council, our funding body, alongside our service users, to develop and enhance research access to data. In the immediate future, we plan to extend the scope of SecureLab, and we are currently considering a pilot on the use of qualitative data, launching later in 2022.