The Secure Data Hosting Service (SDHS) provides an ISO:27001 certified Safe Haven for members of the School to store sensitive data, including Personally Identifiable Data. The service was launched in 2015 and is managed by the Clinical School Computing Service (CSCS) in collaboration with the Information Governance Office on behalf of the School.
Clinical School policy states that Personally Identifiable Data (PID) must either be stored on NHS systems or in a Safe Haven approved by the Clinical School Information Governance Office.
To ensure all Clinical School researchers have access to an accredited Safe Haven, the School will no longer charge for reasonable use of the service from 1st September 2017.
The funding to support the service is coming from the share of the Departmental research grant overheads retained by the Clinical School. As different arrangements apply to the MRC Units and CRUK CI, with regard to research overheads, this subsidy will not be available to researchers in these Units/Institute.
What is included in the service?
For each Clinical School research study using the SDHS up to 3 Signify two factor authentication tokens and storage of up to 5GB will be provided free of charge.
Additional tokens cost £54 (including VAT) plus a support charge of £5 per month and any additional storage will be charged at the normal rate of £16 per month for each tranche of 100GB.
In order to be eligible to set up a study using the above service, you must be part of the School of Clinical Medicine and have:
- a CSCS user account subscription
- read and understood the SDHS Security Policy
- completed the MRC Research Information Governance online training.
Who should use the SDHS?
Research studies sponsored by the Clinical School, using Personally Identifiable Data must store that PID in a Safe Haven approved by the Information Governance Office. Typically the PID will be a spreadsheet or database holding the link keys, and research data itself is anonymised and stored on standard network drives.
See the FAQ for more details, or contact the Service Desk if you have further questions.
Applying to use the SDHS
The Chief Investigator should complete the Application to Store Sensitive Personal Data form and send this, along with the appropriate documentation to the Information Governance Office. After the application has been approved, the IGO will issue a Study ID and the Chief Investigator or the Data Manager must then complete the SDHS Online Application form including the Study ID issued by the IGO.
Amending an existing SDHS study
If your study is already set up on the SDHS and you wish to make an amendment such as adding or removing users, requesting extra storage space, or adding a printer then the Chief Investigator or Data Manager for the study should complete the SDHS Amendment Request Form
Please note that any request in regards to adding or removing Data Managers to or from a study, can only come from the Chief Investigator.
SDHS Security Policy
All usage of the SDHS is subject to the SDHS Security Policy.
User guides for University SDHS users and external collaborators are available in our CSCS Guides