The Secure Data Hosting Service (SDHS) provides an ISO:27001 certified Safe Haven for members of the School to store sensitive data, including Personally Identifiable Data. The service was launched in 2015 and is managed by the Clinical School Computing Service (CSCS) in collaboration with the Information Governance Office on behalf of the School.
Clinical School policy states that Personally Identifiable Data (PID) must either be stored on NHS systems or in a Safe Haven approved by the Clinical School Information Governance Office.
To ensure all Clinical School researchers have access to an accredited Safe Haven, the School will no longer charge for reasonable use of the service from 1st September 2017.
The funding to support the service is coming from the share of the Departmental research grant overheads retained by the Clinical School. As different arrangements apply to other University institutions, including the MRC Units and CRUK CI, with regard to research overheads, this subsidy will not be available to researchers in these Units/Institute.
Studies belonging to the School of Clinical Medicine
For each Clinical School research study using the SDHS up to 3 Signify two factor authentication tokens and storage of up to 5GB will be provided free of charge. Additional access over the 3 initial tokens will cost £10/month.
Requirements for studies in the School of Clinical Medicine:
- CSCS user account subscription
- CSCS Citrix (Mints@Home) subscription
- You must have read and understood the SDHS Security Policy
- You must also complete the MRC Research Information Governance online training.
Studies belonging to institutions outside of the School of Clinical Medicine
Studies belonging to other institutions within the University can be hosted in the CSCS Safe Haven.
For each user requiring access to the study the following charges will apply:
- CSCS User Account – £5.37/month
- SDHS Access (for the two factor token) – £21.45/month
- SDHS Citrix – £4.00/month
Users must also have:
- read and understood the SDHS Security Policy
- completed the MRC Research Information Governance online training.
Who should use the SDHS?
Research studies sponsored by the Clinical School, using Personally Identifiable Data must store that PID in a Safe Haven approved by the Information Governance Office. Typically the PID will be a spreadsheet or database holding the link keys, and research data itself is anonymised and stored on standard network drives.
See the FAQ for more details, or contact the Service Desk if you have further questions.
Applying to use the SDHS
The Chief Investigator should complete the Application to Store Sensitive Personal Data form and send this, along with the appropriate documentation to the Information Governance Office. After the application has been approved, the IGO will issue a Study ID and the Chief Investigator or the Data Manager must then complete the SDHS Online Application form including the Study ID issued by the IGO.
Amending an existing SDHS study
If your study is already set up on the SDHS and you wish to make an amendment such as adding or removing users, requesting extra storage space, or adding a printer then the Chief Investigator or Data Manager for the study should complete the SDHS Amendment Request Form
Please note that any request in regards to adding or removing Data Managers to or from a study, can only come from the Chief Investigator.
SDHS Security Policy
All usage of the SDHS is subject to the SDHS Security Policy.
User guides for University SDHS users and external collaborators are available in our CSCS Guides