Data Saves Lives: Navigating Secure Data Environments
Secure Data Environment: Access 57M Patient Records Without Data Leaks
Secure data environments (SDEs) are online platforms where approved researchers can safely analyze sensitive health data without the information ever leaving the system. Also known as Trusted Research Environments (TREs) or Data Safe Havens, these platforms represent a fundamental shift in how healthcare data is accessed for research.
What you need to know:
- Definition: SDEs are controlled digital spaces where health data stays in place while researchers bring their analysis tools to the data
- Scale: The NHS Research SDE Network holds over 57 million patient records across 43 data products
- Purpose: Enable secure analysis of sensitive health data while protecting patient privacy and building public trust
- Access: Limited to verified, approved users from academia, industry, charities, and NHS organizations
- Framework: Operate under the “Five Safes” model (Safe People, Safe Projects, Safe Settings, Safe Data, Safe Outputs)
The UK government formally adopted SDEs as policy in 2022 following Professor Ben Goldacre’s review, investing £175 million to create a network of 12 SDEs across England. This shift moves away from traditional data sharing—where copies of data are sent to researchers—toward a model where data remains centralized and researchers access it within strictly controlled environments.
Why this matters now: During COVID-19, the urgent need for large-scale health data analysis exposed the risks of traditional data sharing methods. SDEs emerged as the solution, enabling rapid research while maintaining the highest privacy standards. Today, they support 91 live research projects and have contributed to over 10,000 publications in platforms like UK Biobank alone.
As Maria Chatzou Dunford, CEO and Co-founder of Lifebit, I’ve spent over 15 years building platforms that power secure, federated analysis of biomedical data across global healthcare institutions. Throughout my work developing Secure data environment technologies, I’ve seen how they open up research potential while earning public trust through transparency and rigorous privacy controls.
Secure data environment helpful reading:
Why ‘Copy and Send’ Is Dead: The New Secure Data Environment Standard
For decades, the standard method for medical research involved “data sharing.” If a university wanted to study heart disease, the NHS would extract a relevant dataset, “anonymize” it as best as possible, and send a copy of that file to the university’s servers. While this worked, it created a massive sprawl of data copies, making it difficult to audit who had what and increasing the risk of accidental leaks.
The game changed in 2022. A landmark government review by Professor Ben Goldacre argued that this “copy and send” model was no longer fit for purpose in an era of big data and advanced AI. He recommended that we stop sending data out and instead start bringing researchers into secure, monitored environments.
This recommendation became the cornerstone of the government policy in Data Saves Lives, a strategy designed to make the UK a global leader in health data science. To back this up, a £175 million investment was pledged to build the infrastructure needed to support this new way of working.
The Origin of Secure Data Environment Policy
The COVID-19 pandemic was the ultimate stress test. We needed to know—in real-time—which treatments worked, who was most at risk, and how the virus was spreading. Traditional data sharing was too slow. However, platforms like OpenSAFELY demonstrated that you could run high-speed analysis across millions of records without ever moving the data from the GP systems where it lived.
This success proved that a Secure data environment wasn’t just a theoretical security preference; it was a superior research tool. Consequently, NHS England is funding regions to set up local SDEs, ensuring that whether you are in London, Manchester, or the East of England, the data is handled with the same gold-standard security.
Stop the Trust Gap: How a Secure Data Environment Protects Patients
The primary goal of a Secure data environment is to solve the “trust gap.” Patients are generally happy for their data to be used to find cures, but they are understandably nervous about their private information being leaked or sold. SDEs use a “belt and braces” approach to ensure this never happens.
Unlike a standard cloud folder, an SDE is a restricted ecosystem. We don’t just rely on a password; we control every single action a researcher takes. They can see the data, they can run their code on it, but they cannot download the raw patient records to their own laptop.
Implementing the Five Safes in a Secure Data Environment
To make this work, we use the Five Safes framework, an internationally recognized standard for data privacy:
- Safe People: Only verified researchers from trusted organizations (like universities or known biopharma companies) get in. No anonymous access.
- Safe Projects: The research must be for the “public good.” You can’t just browse data out of curiosity; your specific project must be approved by an ethics committee.
- Safe Settings: The SDE itself is a “locked room.” It has no connection to the open internet, and researchers work in a virtual desktop that prevents data from being copied out.
- Safe Data: Before a researcher even sees the data, it is pseudonymized. Names, addresses, and NHS numbers are removed or replaced with unique codes.
- Safe Outputs: When a researcher finishes their work, a human “output checker” reviews their results to ensure no “small numbers” (which could inadvertently identify someone) are included in the final report.
Technical Controls within a Secure Data Environment
Beyond the framework, the technical architecture is rigorous. We implement “cybersecurity by design.” This includes full audit trails—we know exactly what every user clicked on and what code they ran. In line with Information Commissioner’s Office (ICO) guidance, we also practice data minimisation. Researchers only get access to the specific bits of data they need for their approved project, not the entire 57-million-record database.
| Feature | Traditional Data Sharing | Secure Data Environment (SDE) |
|---|---|---|
| Data Location | Copied to researcher’s server | Stays in a secure, central vault |
| Privacy Protection | De-identification only | De-identification + Physical isolation |
| Auditing | Difficult once data is sent | 100% visibility of all actions |
| Data Linkage | Manual and slow | Seamless across different datasets |
| Security Risk | High (multiple copies exist) | Low (data never leaves) |
One Access Point: Reach 57M Records via Secure Data Environment
The UK isn’t just building one giant database. Instead, we have a federated network of 12 SDEs. This structure respects local data ownership while allowing for national-scale research.
At the heart of this is the national one led by NHS England. This national environment holds massive, England-wide datasets that are crucial for studying rare diseases or national trends. Supporting this are 11 regional SDEs, such as the West Midlands SDE or the London SDE. These regional hubs often hold more granular, specialist data that reflects the specific needs of their local populations.
Types of Data Held in the Network
The sheer volume of information is staggering. The national secure data environment currently manages over 57 million patient records. This includes:
- Hospital Episode Statistics (HES): Every time someone is admitted to a hospital or visits A&E.
- GP Records: Primary care data that provides a longitudinal view of a patient’s health over decades.
- Specialist Datasets: This includes maternity services data, cancer registries, and COVID-19 vaccination records.
By linking these datasets within a Secure data environment, researchers can see the full journey of a patient—from their first GP visit to their hospital treatment and recovery—without ever seeing their name.
Speed Up Discovery: How a Secure Data Environment Powers 10,000+ Studies
We often talk about the “potential” of data, but SDEs are already delivering results. By providing a safe way to analyze massive cohorts, we are speeding up the time it takes to move from a lab findy to a life-saving treatment.
Driving Breakthroughs in Health Research
The impact is visible across several major UK initiatives:
- UK Biobank: This world-renowned resource holds genetic and lifestyle data for 500,000 participants. By using an SDE model, it has enabled over 10,000 peer-reviewed publications, helping us understand everything from dementia to heart disease.
- Genomics England: Through their National Genomics Research Library, researchers are analyzing the DNA of patients with rare diseases and cancers. This has already led to faster diagnoses for children who previously faced years of “diagnostic odysseys.”
- OpenSAFELY: This platform allowed researchers to analyze 58 million GP records during the pandemic, identifying which groups were most at risk from COVID-19 in weeks rather than months.
Secure Data Environment FAQ: Cut Admin Red Tape by Months
Who are the approved users of an SDE?
Access isn’t open to just anyone. To enter a Secure data environment, you must be a verified researcher from an approved organization. This typically includes:
- NHS clinicians and analysts.
- Academic researchers from universities.
- Scientists from biopharma and med-tech companies.
- Researchers from major health charities (like the British Heart Foundation).
The UK Statistics Authority has set out standards to ensure that anyone accessing this data has the right training and a legitimate reason to be there.
What are the potential drawbacks of SDEs?
While we believe SDEs are the future, they aren’t without challenges. The Office for Statistics Regulation’s recent report on lessons learned from the COVID-19 pandemic highlighted several problems:
- Technical Learning Curve: Researchers who are used to working on their own high-powered laptops may find it frustrating to work within a restricted cloud environment.
- Standardization: Because many SDEs developed “organically,” they don’t always use the same tools or data formats.
- Operational Costs: Maintaining high-security cloud infrastructure and paying for human “output checkers” is expensive.
How do SDEs improve the efficiency and scope of research?
Despite the challenges, the benefits are clear. Research powered by data – NHS England Digital shows that SDEs actually speed up research in the long run. Instead of spending 12 months negotiating a data-sharing contract with 500 different GP surgeries, a researcher can apply to a single SDE and get access to a pre-linked, cleaned dataset. This “single-point access” turns years of administrative red tape into weeks of productive science.
Conclusion: Scale Your Research Safely with a Secure Data Environment
The transition to Secure data environments is more than just a technical upgrade; it’s a new social contract between the NHS, researchers, and the public. It says: “We will use your data to save lives, but we will do it in a way that respects your privacy and keeps your information under lock and key.”
At Lifebit, we are proud to be at the forefront of this movement. Our next-generation federated AI platform is built specifically to bridge the gap between security and usability. We enable researchers to access global biomedical and multi-omic data in real-time, providing the advanced AI/ML tools they need within a compliant, federated governance framework.
By keeping data where it lives and bringing the analysis to the data, we help organizations across five continents—including governments and biopharma—conduct large-scale research that is faster, safer, and more transparent than ever before.