Unlocking UK Research: Your Guide to Trusted Environments

Why Secure Data Access is Critical for UK Research

Trusted research environments (TREs) in the UK are secure computing platforms that allow approved researchers to access and analyse sensitive health and administrative data without the data ever leaving its protected location. Instead of researchers downloading datasets to their own computers—risking data breaches, privacy violations, and compliance failures—TREs bring the analysis tools to the data.

Here’s what you need to know:

• What they are: Secure digital or physical environments where sensitive data is stored and accessed remotely by accredited researchers
• Also called: Data Safe Havens (Scotland), Secure Data Environments or Secure Research Environments (England)
• How they work: Researchers log into a secure portal, analyse pseudonymised data using provided tools, and only export aggregated, checked results
• Key framework: The Five Safes model (Safe People, Safe Projects, Safe Settings, Safe Data, Safe Outputs) governs how data is accessed and used
• Main examples: NHS England Secure Data Environment, ONS Secure Research Service, Scottish National Safe Haven, SAIL Databank (Wales), Honest Broker Service (Northern Ireland)

The need for TREs has never been more urgent. A 2018 survey found that concerns about data misuse are the primary reason people hesitate to share their datasets—and 66% of medical researchers cite data sensitivity as their top worry. Meanwhile, the UK’s devolved healthcare system creates geographical and governance boundaries that make cross-region analysis painfully slow and complex.

TREs solve this by centralising secure access while keeping data distributed. Researchers no longer need to steer separate approvals, ethics committees, and data use agreements for each dataset. Data controllers retain full oversight. The public gains confidence that their health information is protected. And critically, research that could save lives—from COVID-19 vaccine safety studies to cancer treatment optimisation—can move faster.

Yet the current landscape is fragmented. Because TREs evolved organically across institutions and regions, they lack standardisation and interoperability. Researchers accessing multiple TREs face complex governance structures and delays. Only 21% of UK TREs support federated queries, and just 23% allow export of AI models—limiting the very “next-generation” research capabilities that modern science demands.

As CEO and Co-founder of Lifebit, I’ve spent over 15 years building platforms that enable secure, federated analysis of genomic and biomedical data across trusted research environments (TREs) in the UK and globally, working with public sector institutions and pharmaceutical organisations to accelerate drug findy while maintaining the highest standards of data security and compliance. The future of UK research depends on connecting these siloed environments into a truly federated ecosystem—and that change is already underway.

The Five Safes: A Blueprint for Trustworthy Data Handling

At the heart of every trusted research environment (TRE) in the UK lies a robust framework designed to uphold the highest standards of data security and privacy: the Five Safes. This framework, originating from the UK’s Office for National Statistics (ONS), has become the gold standard and best practice for data protection across the UK and beyond. It ensures that while sensitive data is made available for public-benefit research, it is done so under stringent controls, balancing the demands of open science with the imperative of safeguarding individual privacy.

The Five Safes framework provides a comprehensive approach to data governance, considering every aspect of the data access process. It moves beyond simply anonymising data by examining the entire ecosystem surrounding data use, from who accesses the data to how the results are released.

The Five Safes Framework explained by the UK Data Service.

Safe People

This ‘Safe’ focuses on the individuals permitted to access sensitive data within a TRE. It’s not enough to simply declare oneself a researcher; a rigorous vetting and accreditation process is essential. This includes:

• Researcher Accreditation: Researchers must undergo a thorough assessment of their credentials, experience, and understanding of data ethics and security. They are typically affiliated with approved research organisations.
• Vetting Process: This often involves background checks and confirmation of adherence to strict codes of conduct. For instance, to become an ONS Accredited Researcher, individuals must not only prove their identity and institutional affiliation but also demonstrate their quantitative skills and experience in working with sensitive data. This ensures that the person accessing the data has the technical competence to use it appropriately and understands the statistical principles needed to avoid inadvertent disclosure.
• Required Training: A significant 85% of TREs require researchers to complete specific training modules covering information governance, GDPR, privacy, ethics, and security protocols. This ensures that users understand their responsibilities and the potential risks associated with sensitive data. This training is not a one-off event; many TREs require regular refresher courses to keep researchers updated on the latest governance policies and security threats.
• Accountability: Researchers sign legal documents and data user agreements, committing not to misuse the environment or data. Penalties for violations are clearly defined, reinforcing accountability.

Safe Projects

Not all research projects are created equal, especially when sensitive data is involved. The ‘Safe Projects’ principle ensures that only research that serves a clear public benefit and meets ethical standards is granted access.

• Public Benefit: Projects must demonstrate a clear and justifiable public interest, aligning with societal needs and values.
• Ethical Approval: All projects must undergo rigorous ethical review and approval from relevant bodies. For example, a project aiming to analyse regional variations in cancer survival rates to identify inequalities and inform NHS resource allocation would clearly serve the public benefit. Conversely, a project proposed by a commercial entity to use health data for targeted advertising of non-medical products would be rejected as it lacks a clear public interest and ethical justification.
• Research Accreditation Panel (RAP): Many TREs, such as the ONS Secure Research Service (SRS), require projects to pass through a Research Accreditation Panel (RAP) before data access is granted.
• Project Feasibility: The research must be scientifically sound and demonstrate a realistic likelihood of producing valuable insights without requiring unnecessary access to highly sensitive information.

Safe Settings

The environment in which data is accessed is paramount to its security. ‘Safe Settings’ refers to the technical and physical safeguards that prevent unauthorised access or data exfiltration.

• Secure Technology: This involves robust IT infrastructure, including virtual desktop infrastructure (VDI), network segmentation, and strong access controls like multifactor authentication and IP whitelisting.
• Physical Security: For physical safe rooms, measures include controlled entry, no internet access, and prohibition of external devices. Modern digital TREs enforce this virtually, with technical controls that disable copy-paste functionality, prevent screenshots, apply digital watermarks to the user’s screen, and may even include active monitoring or recording of user sessions to audit activity. These measures create a ‘virtual airlock’ around the data.
• Access Controls: User privileges are strictly limited to what is necessary for the approved project.
• Private Cloud: A substantial 64% of TREs utilise a private cloud infrastructure, offering greater control and compliance with data governance requirements, though some are moving towards public cloud for scalability and advanced services. While private clouds offer bespoke security controls, public cloud providers (like AWS, Azure, or GCP) offer immense scalability and access to cutting-edge tools, but require expert configuration to ensure they meet the stringent security and data residency requirements of UK data controllers.

More on Secure Research Environments.

Safe Data

The data itself must be prepared and managed to minimise the risk of re-identification. ‘Safe Data’ focuses on making the data as safe as possible before researchers even see it.

• De-identification: This is a critical step where direct identifiers are removed or disguised. It’s crucial to distinguish this from full anonymisation. Anonymised data has had all identifiers stripped in a way that is irreversible, which can limit its research value. Pseudonymisation, on the other hand, allows for re-identification but only by a trusted third party (TTP) holding a separate, securely stored ‘key’. This is vital for longitudinal research, where new data (e.g., a later hospital visit) needs to be linked to the same individual’s record over time without the researcher ever knowing the person’s real identity.
• Pseudonymisation: Personal identifiers are replaced with artificial identifiers or codes, making it difficult to link data back to individuals without additional information held separately.
• Minimising Disclosure Risk: Techniques like k-anonymity are used to quantify and reduce the risk of re-identifying individuals. Data controllers are responsible for the de-identification and obtaining consent.
• Data Minimisation: Only the necessary data for the approved research question is made available, reducing the overall risk.

Safe Outputs

Even after analysis, there’s a risk that the results themselves could inadvertently reveal sensitive information. ‘Safe Outputs’ ensures that anything leaving the TRE does not compromise individual privacy.

• Disclosure Control: All research outputs, such as statistical tables, graphs, or models, undergo a stringent review process before they can be exported.
• Output Checking: Trained staff scrutinise outputs to ensure no sensitive person-level data is included and that statistical aggregates meet minimum cell sizes (e.g., 5 or 10 individuals per cell) to prevent re-identification.
• Aggregated Results Only: Typically, only aggregated statistical analyses are permitted for export. Raw, individual-level data is almost never allowed to leave the environment.
• Preventing Re-identification: Output checkers are vigilant for any patterns or small numbers that could lead to an individual being identified, ensuring adherence to disclosure control rules. For example, if a researcher produces a table showing the number of patients with a rare disease in different small towns, and one town has a count of ‘2’, that output would be blocked. The checker would require the researcher to aggregate the data further, perhaps by combining several towns into a larger region, to ensure the cell count is above the minimum threshold (e.g., 10). This process, known as statistical disclosure control (SDC), is a fundamental part of ensuring outputs are safe.

By implementing these Five Safes, trusted research environments (TREs) in the UK create a secure and ethical foundation for vital data-driven research, fostering public trust and enabling scientific progress.

The Landscape of Trusted Research Environments (TREs) in the UK

The UK’s approach to secure data access for research has evolved into a diverse landscape, with various types of trusted research environments (TREs) in the UK operating across different regions and sectors. While the core purpose remains consistent—to enable secure access to sensitive data—the terminology and specific implementations can vary. In Scotland, these environments are often referred to as Data Safe Havens, while in England and other parts of the UK, terms like Secure Data Environments (SDEs) or Secure Research Environments are more common. This regional variation highlights an organic growth, which, while robust in individual instances, presents challenges for a truly unified national network.

Our goal is to bridge these regional differences, fostering a cohesive national network that allows researchers to open up the full potential of UK data for public benefit.

Key Examples of TREs Across the UK

The UK boasts several prominent TREs, each playing a crucial role in its respective domain:

• England:
  • NHS Secure Data Environment (SDE): This service has replaced the previous NHS Digital TRE service, which was instrumental in supporting COVID-19 related research. The SDE provides a secure research analysis platform for accessing health and social care data. It adheres to the Five Safes framework and offers tools like Databricks and RStudio.
  • ONS Secure Research Service (SRS): As the UK’s largest TRE, the SRS provides accredited researchers with secure access to de-identified, unpublished data for public interest projects. It holds a vast array of government and statistical data. The ONS is also developing the Integrated Data Service (IDS) to eventually replace the SRS, building on its foundations.
• Scotland:
  • Scottish National Safe Haven (NSH): Operated by Public Health Scotland’s electronic Data Research & Innovation Service (eDRIS), the NSH is a high-powered computing service and secure analytic environment. It houses health data controlled by Public Health Scotland and other data from the Scottish Government. Regional Safe Havens, such as those in Grampian, HIC, DataLoch, and West of Scotland, collaborate with NHS Health Boards and universities to hold regional data. Research Data Scotland (RDS) also provides access to frequently requested datasets through its digitised Researcher Access Service (RAS).
• Wales:
  • SAIL Databank: Starting as a localised pilot in Swansea, SAIL Databank has grown to become the national TRE for Wales. It offers secure remote access to billions of anonymised person-based population, health, and social care data records, including hospital, GP, educational, and local authority data. NHS Wales’ Digital Health and Care Wales acts as a trusted third party for data linkage.
• Northern Ireland:
  • Honest Broker Service (HBS): The HBS acts as the trusted research environment (TRE) in the UK for Northern Ireland, managed by the Northern Ireland Statistics & Research Agency (NISRA). It allows accredited researchers secure access to project-specific de-identified administrative and health data, with the ability to link data from various government departments and Health and Social Care (HSC) sources.

The Role of National Bodies in the TRE Ecosystem

Driving the evolution and standardisation of trusted research environments (TREs) in the UK are several key national organisations:

• Health Data Research UK (HDR UK): As the national institute for health data science, HDR UK plays a pivotal role in aligning approaches to TREs. Its UK Health Data Research Alliance has published important papers like the ‘Principles and Best Practices for Trusted Research Environments’ and the ‘TRE Green Paper’, advocating for a trustworthy ecosystem for health research. HDR UK also champions initiatives like the Federated Analytics programme.
• UK Research and Innovation (UKRI): UKRI is a major funder and strategic body behind initiatives like DARE UK (Data and Analytics Research Environments UK). DARE UK aims to design and deliver a joined-up, trustworthy UK data research infrastructure, establishing the next generation of TREs and supporting research at scale.
• Research Data Scotland (RDS): Focused on Scotland, RDS facilitates safe access to public sector data for research, often leveraging the Scottish National Safe Haven. They are actively working to expand data access through initiatives like the Researcher Access Service (RAS).
• Administrative Data Research UK (ADR UK): Working in partnership with HDR UK, ADR UK is instrumental in the DARE UK programme. It focuses on enabling access to administrative data for research across the UK, ensuring it is used ethically and securely for public benefit.

These bodies are collaboratively working towards a more harmonised and interoperable network of trusted research environments (TREs) in the UK, aiming to overcome current fragmentation and open up greater research potential.

Aligning approach to Trusted Research Environments.

Advantages vs. Current Challenges for UK Researchers

The adoption of trusted research environments (TREs) in the UK offers transformative benefits for all stakeholders—data controllers, researchers, and the public. These secure platforms are designed to maximise the utility of sensitive data while rigorously upholding privacy.

For Data Controllers: TREs provide unparalleled control over sensitive datasets. By keeping data within a secure environment and bringing analysis to the data, controllers maintain full oversight, significantly reducing the risk of data breaches and ensuring compliance with stringent regulations like GDPR. This centralised control also streamlines governance processes, as data never leaves its designated safe haven.

For Researchers: TREs offer a single, secure location for accessing diverse datasets and powerful analytical tools, akin to a secure reference library. This eliminates the need for complex data transfer agreements and local storage, making research more time-efficient and cost-effective. Researchers can collaborate securely within the environment, accelerating findies. The availability of high-powered computing services and a range of analytic software within TREs, such as those in the Scottish National Safe Haven, empowers researchers to conduct advanced analyses.

For the Public: The public benefits from the accelerated pace of research and the assurance that their sensitive information is protected. TREs build public confidence in data sharing for research by demonstrating transparency and robust security measures. This trust is crucial for fostering continued participation in data collection initiatives that drive medical breakthroughs and inform public policy.

Here are the key advantages:

• Improved Security: Centralised, secure environments drastically reduce the risk of data leaks and unauthorised access.
• Improved Data Governance: Data controllers retain full control and oversight, ensuring regulatory compliance.
• Streamlined Collaboration: Researchers can work together on shared datasets within a secure environment, fostering inter-institutional projects.
• Increased Research Efficiency: Access to integrated data and powerful tools accelerates analysis and findy.
• Cost-Effectiveness: Reduces the need for individual researchers or institutions to invest in redundant secure data infrastructure.
• Public Trust: Demonstrable commitment to privacy and security builds confidence in data-driven research.
• Scalability: Cloud-based TREs offer dynamic scalability for resource-intensive projects.

A particularly powerful advantage is the ability to conduct longitudinal and cross-sectoral research. TREs like the SAIL Databank and ONS Secure Research Service excel at linking datasets from different domains over time. For instance, a researcher could securely link anonymised health records with pollution data, educational attainment records, and employment data. This would make it possible to study complex, long-term questions, such as the impact of early-life air quality on the development of respiratory illnesses and subsequent educational outcomes, providing holistic evidence for public health and environmental policy that would be impossible to generate otherwise.

Read about the Advantages of Trusted Research Environments.

Why Aren’t All TREs Connected?

Despite these clear advantages, the current landscape of trusted research environments (TREs) in the UK faces significant challenges, primarily stemming from their organic development.

• Organic Growth: Many TREs have emerged independently, often custom to specific institutional or regional needs. This organic, siloed growth has led to a patchwork of systems rather than a cohesive national infrastructure.
• Lack of Standardisation: Without a common blueprint, TREs have developed with varying technical specifications, security protocols, and governance models. This inconsistency makes it difficult for researchers to move between environments or for data to be analysed across them. Projects like SATRE (Standard Architecture for Trusted Research Environments) are directly addressing this by aiming to standardise TRE capabilities across multiple institutions.
• Interoperability Issues: The lack of standardisation creates significant interoperability barriers. Researchers accessing multiple TREs must steer disparate systems, complex governance structures, ethics approvals, and data use agreements for each individual environment. Only a small fraction (21%) of TREs currently support federated queries, which would allow analysis across multiple datasets without moving the data.
• Complex Access Processes: The administrative burden on researchers can be considerable. Applying for data access often involves lengthy review processes, which, while necessary for security, can lead to frustration and delays. Imagine a researcher with a time-sensitive project. Their journey might involve: 1) A multi-week process to write and submit a detailed project application. 2) A waiting period of one to three months for a Data Access Committee (DAC) to review the project’s feasibility and public benefit. 3) A separate application to an ethics committee, which has its own timeline. 4) Once approved, the researcher must complete mandatory training and become an accredited user. 5) Finally, the data provisioners must prepare and ingest the specific data cut for the project. A delay at any single stage can cascade, pushing project start dates back by six months or more. This administrative friction is a significant barrier to agile research.
• Variability in Tools and Computing Power: The decentralised nature of TREs means there is no consistency in the analytical environments offered. A researcher might find one TRE provides access to powerful GPUs and the latest machine learning libraries, ideal for AI research, while another offers only a basic installation of R or Stata on a low-powered virtual machine. This inconsistency forces researchers to adapt their methods to the environment rather than choosing the best tools for the science, and it can prevent them from running computationally intensive analyses, limiting the scope and ambition of their work.
• Research Delays: The cumulative effect of these challenges is research delays. The inability to seamlessly combine and analyse data from various TREs means that crucial insights, particularly for complex health and social care challenges, are slower to emerge. If a federated approach had been widely available during the COVID-19 pandemic, it could have significantly accelerated research into the virus and its impacts.

Addressing these challenges is critical to open uping the full potential of trusted research environments (TREs) in the UK and accelerating data-driven findies for public good.

Next-Generation TREs: Meeting the Demands of AI and Big Data

The world of research is evolving at an unprecedented pace, driven by the explosion of big data and the transformative potential of Artificial Intelligence (AI) and Machine Learning (ML). For trusted research environments (TREs) in the UK to remain relevant and impactful, they must adapt to these ‘next-generation’ research needs. The vision for this evolution is clearly articulated in influential reports such as the UK Government’s Goldacre review and the ‘Data Saves Lives’ policy paper, which highlight the critical role TREs play in enabling ground-breaking research.

This future requires TREs to not only handle vast, complex datasets but also to support advanced analytical methods, including privacy-enhancing technologies (PETs) like federated learning and homomorphic encryption. These PETs allow for the analysis of data in a secure, distributed manner, without ever exposing the raw sensitive information, which is crucial for maintaining public trust and regulatory compliance.

Learn about Federated Trusted Research Environments.

How are TREs evolving for ‘next-generation’ research needs?

The shift towards next-generation research demands significant upgrades and new capabilities within TREs:

• Big Data Analysis: Traditional TREs were often designed for observational studies using structured, text-based data. Modern research, however, frequently involves massive, multi-omic datasets (genomics, proteomics, imaging), which require far greater computational power and storage. While 64% of TREs currently use private cloud, there is a growing recognition that public cloud infrastructure offers the scalability, flexibility, and advanced services (like specialised GPUs for AI) needed for big data processing.
• Cloud Infrastructure: The move towards cloud-native architectures is vital for dynamic scalability. Cloud-based TREs can spin up resources on demand, supporting resource-intensive projects that would overwhelm traditional on-premise setups.
• AI/ML Model Export Challenges: A major hurdle for AI research within TREs is the export of developed models. A recent interview study revealed that only 23% of TREs currently allow the export of AI models, while 36% specifically prohibit it, and another 23% are considering it for the future. The challenge lies in the risk of embedded individual-level data within the model or the potential for model inversion and membership inference attacks that could expose sensitive information. The primary concerns are model inversion and membership inference attacks. A model inversion attack attempts to reconstruct parts of the original training data by repeatedly querying the model. For example, an attacker might be able to regenerate a medical image that was used to train a diagnostic AI. A membership inference attack aims to determine whether a specific individual’s data was part of the training set. If a hospital knows their patient, Jane Doe, has a rare condition, and an attacker can confirm Jane’s data was used to train a model for that condition, it could violate her privacy. Developing robust methods for ‘output checking’ complex AI models to prevent these attacks is a major area of active research.
• Federated Queries: The ability to conduct federated queries across multiple TREs is a cornerstone of next-generation research. This allows researchers to train ML algorithms on diverse, distributed datasets without the data ever leaving its original secure environment. However, only 21% of TREs currently support federated queries, with 79% not supporting them due to the complexity of maintaining privacy and security controls across disparate systems. This highlights a critical gap that needs to be addressed for large-scale, collaborative research.

Beyond federated queries, TREs are beginning to explore a wider suite of Privacy-Enhancing Technologies (PETs). These include techniques like Secure Multi-Party Computation (SMPC), where multiple parties can jointly compute a function over their inputs (e.g., calculate an average) without revealing those inputs to each other, and Differential Privacy, which involves adding mathematically calibrated ‘noise’ to query results to protect individual privacy while preserving overall statistical accuracy. The integration of these advanced PETs will provide a more granular and mathematically provable toolkit for data protection, allowing for more complex cross-TRE collaborations while offering even stronger privacy guarantees.

Data Analysis in Trusted Research Environments.

The future of trusted research environments (tres) in the uk

The future of trusted research environments (TREs) in the UK is one of increasing connectivity, standardisation, and public engagement, moving towards a truly federated ecosystem:

• Federation (DARE UK, TRE-FX): Initiatives like DARE UK (Data and Analytics Research Environments UK), established by UK Research and Innovation (UKRI), are spearheading the creation of a joined-up national data research infrastructure. Projects like TRE-FX are focused on delivering core federation services, enabling safe analytics across multiple TREs. Specifically, TRE-FX is developing a ‘cross-TRE’ API specification. This would allow a researcher to write a single script that can be sent to multiple, different TREs, which would each run the analysis on their local data and return the safe, aggregated results. The project is also tackling the challenge of a federated identity and access management system, so that a researcher accredited by one TRE could be recognised and granted appropriate permissions by another, drastically reducing the administrative burden of cross-site studies. This aims to overcome the current geographical and governance boundaries that hinder cross-TRE analysis.
• Standardisation (SATRE): The Standard Architecture for Trusted Research Environments (SATRE) project is crucial for achieving interoperability. By providing a common specification, SATRE aims to standardise TRE capabilities across institutions, making operations more transparent and improving governance. This will simplify the process for researchers and ensure consistent security standards.
• Improved Public Engagement: Building and maintaining public trust is paramount. Future TRE developments will involve even greater public and patient involvement, ensuring that the design and operation of these environments align with societal values and ethical expectations. Transparency regarding data use and robust communication strategies are key.
• A Connected Ecosystem: The ultimate vision is a connected ecosystem where researchers can seamlessly access and analyse diverse datasets across multiple TREs, both within the UK and internationally, through secure, federated mechanisms. This will open up unprecedented opportunities for findy, accelerate drug development, and inform public health interventions more effectively, all while maintaining the highest standards of data privacy and security.

Conclusion: Building a Secure, Federated Future for UK Research

The journey of trusted research environments (TREs) in the UK reflects a critical evolution in how we manage and utilise sensitive data for public good. We’ve seen how TREs, guided by the robust Five Safes framework, have become indispensable for balancing the imperative of research with the paramount need for data security and privacy. From the NHS Secure Data Environment to the Scottish National Safe Haven and SAIL Databank in Wales, these environments have enabled vital research, including pivotal studies during the COVID-19 pandemic.

However, the current landscape, shaped by organic growth, faces significant challenges in standardisation, interoperability, and the seamless integration of next-generation analytical capabilities like AI and federated queries. The shift from siloed systems to a connected, secure ecosystem is not just an aspiration; it’s a necessity for the UK to remain at the forefront of data-driven research.

The future of trusted research environments (TREs) in the UK lies in federation and standardisation, driven by initiatives like DARE UK and SATRE. This will create a unified, trustworthy infrastructure that empowers researchers to harness the full potential of linked datasets securely and efficiently. The power of federated analysis, allowing insights to be drawn from distributed data without compromising its location, is the key to accelerating breakthroughs in health, social care, and beyond.

At Lifebit, we are committed to enabling this future. Our next-generation federated AI platform is designed to provide secure, real-time access to global biomedical and multi-omic data, with built-in capabilities for harmonisation, advanced AI/ML analytics, and federated governance. We empower biopharma, governments, and public health agencies to conduct large-scale, compliant research and pharmacovigilance across hybrid data ecosystems. By bringing the analysis to the data, we deliver real-time insights and secure collaboration, ensuring that sensitive information remains protected while its immense value is open uped for scientific findy.

The potential for a truly interconnected and secure research landscape in the UK is immense. By embracing federation, standardisation, and public trust, we can collectively accelerate findies that improve lives and shape a healthier future.

Explore Lifebit’s next-generation federated platform.