Controlled data owned by non-ONS providers that are available within the UK Data Service SecureLab include large surveys funded by UKRI ESRC, such as longitudinal cohort studies from the Centre for Longitudinal Studies – for example, the Millennium Cohort Study and Next Steps – and the UK’s largest longitudinal household survey, Understanding Society, based at the Institute for Social and Economic Research.

Data providers include government departments, such as the Department for Education, NHS Digital, NatCen Social Research. Access to these data in Secure Lab do not use the legal gateway of the Digital Economy Act, 2017 (DEA) – instead, they use other legal gateways, such as UK GDPR.

Please download the application guidance and follow the steps to apply to access non-ONS controlled data through UKDS SecureLab.

Researcher requirements:

Controlled data are only available through SecureLab to researchers who are able to fulfil the following requirements:

  • The purpose of the use of the data for your project must provide a public benefit/serve the public good.
  • You must have an undergraduate degree (or higher) including a significant proportion of maths or statistics, or be able to demonstrate at least 3 years’ quantitative research experience.
  • If you are a postgraduate student, you must apply jointly with your supervisor(s).
  • You must check any specific access restrictions for each study in our Data Catalogue that you wish to use, found in the ‘Access’ tab.
  • You must only access data from within the UK (SN 6676 can be accessed by German researchers, subject to meeting other conditions).

System requirements:

Connection to SecureLab can be made from either:

i) SafePods in the SafePod Network 

ii) a device located at and owned by your institution. The device must have a dedicated static IP address and a wired internet connection.

  • Login/Register with the UK Data Service.
  • Add the required Secure Access dataset(s) to your account, then follow the prompts to add the dataset(s) to a registered project, or create a new project.
  • Within the project, click ‘Request Access’ to display the steps to be completed.
  • Click ‘Complete actions’, instructions and links to any forms that must be submitted, will be displayed under each step.
  • The project lead must download and complete the project application form and the ESRC Research Proposal.
  • Each team member (including the project lead) must download and complete the Secure Access User Agreement and the ESRC Accredited Researcher application form. If we already have a completed User Agreement on record for you, this step will already be marked as complete.
  • Each team member must complete the online ‘SecureLab Account Setup’ form under the ‘SecureLab Access’ step.
  • Please email your completed documents with your project ID in the subject line to: secure.applications@ukdataservice.ac.uk.

 

Each team member must be registered with the UK Data Service. The project lead can then add each team member to the project. To do this the project lead should:

  • Log into their UK Data Service account.
  • Expand the ‘Data’ section and then click on ‘Projects’.
  • Click the relevant project title, where a number of tabs will be visible, e.g. Projects, Datasets, Members.
  • Click ‘Members’, then ‘New member’.
  • Enter the UK Data Service registered email address for the team member you want to add.
  • Click ‘Add member’ and their details will be shown in the ‘Project team invitations’ section of the screen. An invitation will automatically be sent.
  • Each team member will receive an invitation email to ask whether they wish to be added to the project.
  • Once a team member accepts the invitation to join the project, the Project Lead should check their details are correctly displayed in ‘Project team members’.

Each project member will be able to see the project and associated datasets within their own account and should complete any actions required. The project lead should collect the Secure Access User Agreements and ESRC Accredited Researcher forms from all team members and email them with the project application form to: secure.applications@ukdataservice.ac.uk. Additional researchers can be added to teams at a later stage with data owner approval.

 

 

Before access is given to the UK Data Service SecureLab, each team member and a suitable delegated authority in their institution must sign our Secure Access User Agreement.

What is the Secure Access User Agreement?

The User Agreement is a legally binding contract between you, your organisation and the University of Essex, which is the legal entity for the UK Data Service.

The User Agreement was written by the University of Essex’s legal team, so we are not a signatory party to the Agreement and we are unable to accept edited versions of the Agreement.

The Agreement outlines the terms and conditions of use of Secure Lab and includes:

  • Agreement that you will complete our training.
  • Information about your security responsibilities, e.g. not sharing your password, nor disclosing or compromising any personal Information.
  • Information about penalties and breaches, set out in our Licence Compliance Policy.
  • Our outputs release policy.
  • Our citation and copyright requirements.

The Agreement is a per person, per organisation agreement. You therefore only need to complete it once whilst you are at your current institution – if you were to move organisation and still require access to Secure Lab, then you would need to complete and submit a new Agreement.

Whom should I ask to countersign the Agreement at my organisation?

Your Agreement must be countersigned by someone who can accept legal responsibility for your data access on behalf of the entire organisation.

You should therefore approach your organisation’s Research and Contracts Office or equivalent, to arrange for an appropriate person to countersign your Agreement.

Line managers, PhD supervisors, Heads of Department/School are not acceptable signatories.

The exception to this is researchers from the University of Essex, who should ask their Head of Department to countersign their Agreement, as the University’s legal team cannot countersign their own Agreement.

 

 

All team members must complete Safe Researcher Training (SRT) course which covers.

  • Data security and personal responsibility, including legal background, security model, breaches and penalties.
  • Statistical Disclosure Control – how to make statistical outputs safe and what principles are used.
  • Using SecureLab* – how to use the interface and how to prepare and request data imports and suitable statistical outputs.

If you have not attended SRT you will be invited to book on one of our courses. We run these online approximately every three weeks.

If you have trained with another SRT provider within the past 3 years, then we will verify your attendance and you will be asked to complete a short Moodle course that covers the use of our SecureLab.

The SRT course we deliver is valid for Accredited Researcher (AR) applications made via ONS, if you’re applying for AR status and are attending training with us, then you can confirm your training date to ONS and they will verify your attendance and successful pass with us before issuing you with AR status. AR status is valid for a period of five years.

If you completed SURE researcher training with the UK Data Service before 1st January 2019 you will need to complete the SRT course as this is the most up-to-date and relevant SRT course to protect data privacy and required to access Secure Lab.

If you have not logged into SecureLab for more than 3 years, you must complete a short online MoodleX refresher course before accessing SecureLab.

After becoming an Accredited Researcher, connection to SecureLab can be made from either:

i) SafePods in the SafePod Network or

ii) a device located at and owned by your institution. The device must have a dedicated static IP address and a wired internet connection.

Each team member must complete the SecureLab Account Set Up form under the “SecureLab Access” step. When completing the form, you will be asked to submit the following evidence from the office device:

• Screen shot of accessing the web page: https://www.whatismyip.com/my-ip-information/
• Screenshot of output of running the command ipconfig /all in Command Prompt (Windows) or ifconfig -a in Terminal (Mac).
• Photographs clearly showing the view to the front, left, right and rear of your desk, this is to determine if your workstation is overlooked (required if you work in a shared office).

Please speak to your IT department if you are unsure if your device will meet our requirements.

In order to access SecureLab projects from home, you must connect to your whitelisted office device using an organisationally/institutionally approved method of remote access from within the UK. Your office device must pass our checks before you will be able to access from home.

Following receipt of your application and evidence, our Data Access team will process your application as soon as possible.

Our team screen your application for completeness, including what you intend to do with the data; your proposed use of the data is justified and that your project will deliver clear public benefit.

Once it passes the initial screening, then it progresses to further checks, including feasibility assessment, ethics and methodology checks, if needed.

The data owners then receive your completed and checked application from us to decide whether to permit research access.

Applications are usually approved but there are occasions where a data owner may have queries, or they may decline the application. In this instance, we will return it to you with feedback to address the queries and then resubmit your application.

Whilst the application is with the data owners for consideration, our Technical Support team will undertake checks on your device and begin setting up your project (and account, if you’re not already a SecureLab researcher).

We will confirm the data owners’ decision to you by email. If you have completed all the elements of the application, including attending Safe Researcher training and passed the Technical checks, before we confirm the decision, then you are likely to get access immediately.

To check that we have received your application or if you have any questions whilst waiting, please email our Helpdesk, ensuring that you quote your project number.