Data owned by the Office for National Statistics (ONS) include major government surveys, such as the Labour Force Survey and the Crime Survey for England and Wales, as well as business microdata, such as the Business Structure Database and the Annual Survey of Hours and Earnings. The legal gateway for accessing these data in Secure Lab is the Digital Economy Act, 2017 (DEA).

Please download the guidance and application process to access ONS SecureLab data.

If you are applying for access to Non ONS and ONS data, you must apply for the Non ONS Data first as ONS require evidence that other data owners have already approved access.
 
To apply for home working access to projects containing Non ONS and ONS data, please apply for ONS home working access first as ONS have additional requirements for home access.

Researcher requirements

Controlled data are only available through the SecureLab to researchers who are able to fulfil the following requirements:

  • The purpose of the use of the data for your project must provide a public benefit/serve the public good.
  • You must check any specific access restrictions for each study in our Data Catalogue that you wish to use, found in the ‘Access’ tab.
  • Postgraduate students must apply jointly with their supervisor(s).
  • You must complete Safe Researcher training and have AR status before the project can be approved and access can be granted (it is recommended you apply for this as soon as possible to speed up the application).

System requirements

Connection to SecureLab can be made from either:

i) SafePods in the SafePod Network 

ii) a device located at and owned by your institution. The device must have a dedicated static IP address and a wired internet connection (see Technical Checks).

Login/Register with the UK Data Service.

  • Add the required Secure Access dataset(s) to your account, then follow the prompts to add the dataset(s) to a registered project, or create a new project.
  • Within the project, click ‘Request Access’ to display the steps to be completed.
  • Click ‘Complete actions’, instructions and links to any forms that must be submitted will be displayed under each step.
  • The Project Lead must download and complete the project application form.
  • Each team member (including the project lead) must download and complete the Secure Access User Agreement. If we already have a completed User Agreement on record for you, this step will already be marked as complete.
  • Each team member must complete the ethics self-assessment form (download link can be found in the project application form) and evidence internal ethics approval from their institution.
  • Each team member must complete the online ‘Secure Lab Account Setup’ form under the ‘Secure Lab access’ step (see further details in Technical Checks).
  • Please email your completed documents with your project ID in the subject line to: secure.applications@ukdataservice.ac.uk

Each team member must be registered with the UK Data Service. The project lead can then add each team member to the project. To do this the project lead should:

  • Log into their UK Data Service account.
  • Expand the ‘Data’ section and then click on ‘Projects’.
  • Click the relevant project title, where a number of tabs will be visible, e.g. Projects, Datasets, Members.
  • Click ‘Members’, then ‘New member’.
  • Enter the UK Data Service registered email address for the team member you want to add.
  • Click ‘Add member’ and their details will be shown in the ‘Project team. invitations’ section of the screen. An invitation will automatically be sent.
  • Each team member will receive an invitation email to ask whether they wish to be added to the project.
  • Once a team member accepts the invitation to join the project, the Project Lead should check their details are correctly displayed in ‘Project team members’.

Each project member will be able to see the project and associated datasets within their own account and should complete any actions required.

The Project Lead should collect the Secure Access User Agreements and Ethics self-assessment forms from all team members and email them with the project application form to: secure.applications@ukdataservice.ac.uk. Additional researchers can be added to teams at a later stage with data owner approval.

Completing the Secure Access User Agreement

Before access is given to the Secure Lab, each team member and a suitable delegated authority in their institution must sign our Secure Access User Agreement. The form can be downloaded under the step “Complete Secure Access User Agreement”.

 

What is the Secure Access User Agreement?

The User Agreement is a legally binding contract between you, your organisation and the University of Essex, which is the legal entity for the UK Data Service.

The User Agreement was written by the University of Essex’s legal team, so we are not a signatory party to the Agreement and we are unable to accept edited versions of the Agreement.

The Agreement outlines the terms and conditions of use of Secure Lab and includes:

  • Agreement that you will complete our training.
  • Information about your security responsibilities, e.g. not sharing your password, nor disclosing or compromising any personal information.
  • Information about penalties and breaches, set out in our Licence Compliance Policy.
  • Our outputs release policy.
  • Our citation and copyright requirements.

The Agreement is a per person, per organisation agreement. You therefore only need to complete it once whilst you are at your current institution – if you were to move organisation and still require access to Secure Lab, then you would need to complete and submit a new agreement.

Whom should I ask to countersign the agreement at my organisation?

Your agreement must be countersigned by someone who can accept legal responsibility for your data access on behalf of the entire organisation.

You should therefore approach your organisation’s Research and Contracts Office or equivalent, to arrange for an appropriate person to countersign your agreement.

Line managers, PhD supervisors, Heads of Department/School are not acceptable signatories. The exception to this is researchers from the University of Essex, who should ask their Head of Department to countersign their agreement, as the University’s legal team cannot countersign their own agreement.

Applying for AR status

To access ONS data each team member must have Accredited Researcher Status administered by the ONS.

Completion of a Safe Researcher Training course is a required to gain AR Status. Applications for AR Status must be made through the ONS Research Accreditation Service (RAS).

To make an application please register for an account through the RAS registration system or if you already have one, login to your RAS account.

Before we can submit your project application to ONS for approval the AR numbers for each team member must be provided.

Completing Safe Researcher Training

The Safe Researcher Training (SRT) course covers.

  • Data security and personal responsibility, including legal background, security model, breaches and penalties.
  • Statistical Disclosure Control – how to make statistical outputs safe and what principles are used.
  • Using the Secure Lab* – how to use the interface and how to prepare and request data imports and suitable statistical outputs.

If you have not attended SRT you will be invited to book on one of our courses. We run these online approximately every three weeks.

If you have trained with another SRT provider within the past 3 years, then we will verify your attendance and you will be asked to complete a short Moodle course that covers the use of our Secure Lab.

The SRT course we deliver is valid for Accredited Researcher (AR) applications made via ONS, if you’re applying for AR status and are attending training with us, then you can confirm your training date to ONS and they will verify your attendance and successful pass with us before issuing you with AR status. AR status is valid for a period of five years.

If you completed SURE researcher training with the UK Data Service before 1st January 2019 you will need to complete the SRT course as this is the most up-to-date and relevant SRT course to protect data privacy and required to access Secure Lab.

If you have not logged into Secure Lab for more than 3 years, you must complete a short online MoodleX refresher course before accessing Secure Lab.

Connection to SecureLab can be made from either:

i) SafePods in the SafePod Network 

ii) a device located at and owned by your institution. The device must have a dedicated static IP address and a wired internet connection.

Each team member must complete the Secure Lab Account Set Up form under the “Secure Lab Access” step. When completing the form, you will be asked to submit the following evidence from the office device:

• Screen shot of accessing the web page: https://www.whatismyip.com/my-ip-information/
• Screenshot of output of running the command ipconfig /all in Command Prompt (Windows) or ifconfig -a in Terminal (Mac).
• Photographs clearly showing the view to the front, left, right and rear of your desk, this is to determine if your workstation is overlooked (required if you work in a shared office).

Please speak to your IT department if you are unsure if your device will meet our requirements.

In order to access Secure Lab projects from home, you must connect to your whitelisted office device using an organisationally/institutionally approved method of remote access from within the UK. Your office device must pass our checks before you will be able to access from home.

Following receipt of your application and evidence, our Data Access team will process your application as soon as possible.

Our team screen your application for completeness, including what you intend to do with the data; your proposed use of the data is justified and that your project will deliver clear public benefit.

Once it passes the initial screening, then it progresses to further checks, including feasibility assessment, ethics and methodology checks, if needed.

When we are satisfied with the quality of the application it will be sent to the ONS who will review your project.

Applications are usually approved but there are occasions when ONS may have queries, or they may decline the application. In this instance, we will return it to you with feedback to address the queries and then resubmit your application.

Whilst the application is with the ONS for consideration, our Technical Support team will undertake checks on your device and begin setting up your project (and account, if you’re not already a Secure Lab researcher).

We will confirm the approval decision to you by email. If you have completed all the elements of the application, including attending Safe Researcher training and passed the Technical checks, before we confirm the decision, then you are likely to get access immediately.

If you require an update on a current application, contact our helpdesk. Please include your name, institution and Project ID in the form.