FAQs

The NHS Federated Data Platform (FDP) is a computer system that helps NHS services work better together by safely connecting and using data they already have. It helps improve care for patients and plan services more effectively. FDP will not be used for research purposes, where the Secure Data Environments will be used to support both research and planning.

Find out more in the video below:

Identifiable data contains information that can directly or indirectly identify specific individuals. This includes personal identifiers like a person’s name, address, and age.

De-identifiable data has had personal identifiers removed or altered to prevent identification of individuals. The process often involves:

• Removing direct identifiers (names, addresses, identification numbers)
• Generalising specific details (using year of birth instead of full date, or partial postcodes instead of full ones)
• Using pseudonymisation*, where personally identifiable information is replaced with artificial identifiers

*Pseudonymisation helps keep personal data private and secure, especially in research or data analysis. It means people’s information can be used without exposing who they are.

The Yorkshire & Humber Secure Data Environment complies with General Data Protection Regulation (GDPR) and UK Data Protection Act requirements. It means that the data inside the SDE is de-identifiable. Researchers access de-identified data for their analysis inside the SDE and can’t find whose data it is.

Find out more about levels of  at Identifiability demystified by Understanding Patient Data

There are occasions where you can remove lots of pieces of (i.e., address, date of birth, etc.) but through the rest of the information a person could still be identified. For example, if you were looking at who is a teacher and number of smokers and who is a non-smoker in a small town you could by having a narrow pool of people be able to guess who the smokers are. This is called ‘indirectly identifiable data’.

Although this is not very common, every piece of analysed data is checked by trained specialist staff in a process known as Statistical Disclosure Control (also known as ‘output checking’). To make sure this kind of indirectly identifiable data never leaves the Secure Data Environment, the specialist staff check every piece of analysed data (including charts, tables and graphs) to make sure it would not indirectly identify an individual.

Yes, you can always opt-out from your data being used in research. To opt-out, you can use the national or GP data opt-out services provided by NHS:

• Online: Visit the National Data Opt-Out website: Opt out of sharing your health records – NHS (www.nhs.uk)
• NHS App: Log in to your NHS App, navigate to your account settings, and find the “Health data sharing decision” or “Choose if data from your health records is shared for research and planning” section.
• Phone: Call the helpline at 0300 303 5678.

A young person from age of 13 is able to set their own opt-out, which aligns with the minimum age at which children can give their consent to participate in digital services as set out in data protection legislation. Children under 13 and those who lack capacity are not able to set an opt-out themselves.  In these cases, individuals who have a formal, legal relationship to act on behalf of them (i.e. somebody who has parental responsibility, a lasting power of attorney or court appointed deputy) are able to set an opt-out on their behalf by proxy.

If you choose to stop your records being used for research and planning, your data might still be used in some situations. Learn more here: https://www.nhs.uk/your-nhs-data-matters/where-your-choice-does-not-apply/

If you want to check if you have opted out, you can enter your details again at Make your choice or check your settings in the NHS App.

At the Yorkshire and Humber SDE our database includes detailed health data on patients such as Yorkshire Ambulance Service data.

Have a look at the most updated list of what data is available and what research projects they are being used for in the Yorkshire and Humber SDE, check our Data Use Register.

Here are key ways you can stay informed about the impact from the research projects used the data held by Yorkshire and Humber SDE:

1. Publications and papers: You can explore the success stories showing how our data has already been used and impacted research by visiting our news section, where you’ll find information about publications, papers, and breakthrough research outcomes.
2. Monthly newsletter: Stay up-to-date with the latest developments by subscribing to our monthly newsletter. Subscribe here.

Only approved people, with approved projects, are allowed to analyse data, and only approved non-identifiable outputs can leave the environment. Those who could analyse the data include eligible researchers from:

• NHS providers and commissioners who use data to monitor trends and patterns in population health, hospital and care activity, to assess how care is provided, and to support local service planning.
• University researchers who use data to understand more about the causes of disease, to develop new ways of diagnosing illness or to identify ways to develop new treatments.
• Charities who use data to evaluate services, advocate for patient communities and identify ways to improve care.
• Companies who use data for many reasons, for example if they are partnering with the NHS, developing drugs or providing services.

To begin a research project with the Yorkshire & Humber Secure Data Environment (SDE), your first step is to submit the Data Availability Form. This form helps our project management team understand your research objectives and the specific data you require.

You can submit the form via the central Yorkshire & Humber SDE website or by  email.

Once we receive your enquiry, we’ll assess whether the SDE holds the data you need. If the data is available, we’ll proceed with the next steps in the data access process described here.

The cost of accessing data varies significantly depending on multiple factors, including the type of data requested, the services provided (such as data processing, analysis, or technical support), and the specific tools required for your project.

After completing and reviewing your Data Access Request Form with all necessary information in place, you’ll receive indicative costs that reflect the scope and complexity of your project based on these various factors. This process typically takes up to 4 weeks, and we aim to provide the most accurate estimate possible tailored to your specific requirements.

Our ever-expanding list of datasets contains a wealth of data covering our entire region, including:

• Primary Care (GPs) data
• Secondary Care data
• Mental Health data Population Health data
• Social Care
• Education data
• Ambulance data
• Environmental data

Check what other datasets are available at the Available datasets page.

Yes, you are able to bring your own code, but you must first have a signed Data Sharing Agreement (DSA) and be a logged-in, approved researcher. Once logged in, you will have access to our virtual workspace where you can use standard tools like RStudio or Databricks to work with existing code, or you can bring your own custom code as a reference file or tool, subject to security and technical review by our Data Management Team.

We offer R, R Studio and Python for all statistical analyses. If you require additional software, then we will provide these to you, but they may require a license fee.

For R and Python, we support access to the R-CRAN and PYPi repositories. For any packages or libraries not in the repositories, individual security checks will be required to bring these into the SDE.

For researchers who have built their own research container (e.g. Docker), we support containers. This may be useful for certain kinds of research, such as Machine Learning or AI.

Only approved data users, with approved projects, are allowed to access and analyse data, and only approved non-identifiable outputs can leave the environment. Those who could access the data include eligible researchers from:

• NHS providers and commissioners who use data to monitor trends and patterns in population health, hospital and care activity, to assess how care is provided, and to support local service planning.
• University researchers who use data to understand more about the causes of disease, to develop new ways of diagnosing illness or to identify ways to develop new treatments.
• Charities who use data to evaluate services, advocate for patient communities and identify ways to improve care.
• Private sector organisations who can use data to develop drugs or providing services, for example if they are partnering with the NHS.

Note that all submitted projects undergo a rigorous review process by the Data Access Committee, which reviews each Data Access Application from a public benefit perspective.

At the Yorkshire and Humber SDE we use of pseudonymisation-at-source as well as the ingestion of identifiable datasets;

identifiable data will be held separately and not made available to researchers. Where re-identification is required by a project (for example, for intervention or trial recruitment) work will occur on pseudonymised data and the reidentified data will land back on the clinical side for use by teams who already have legitimate access to identifiable data (eg the team already caring for a patient or similar)

The SDE operates on the principle of least privilege when it comes to dataset access. A researcher working on multiple projects should not be able to simultaneously access datasets from more than one SDE project (technical solution) and prevented from simultaneously accessing other patient-level data (identified or pseudonymised) by agreements made on sign-up to use the SDE (legal solution).

Our SDE complies with all standard processes to ensure privacy, including ensuring that governance and ethical approvals cover data being used for research purposes, and that research outputs are safe with avoidance of small numbers and adhere to governance processes around other sensitive data.

For more details, have a look at our security promise.

The Yorkshire and Humber SDE supports various methods for data ingestion, offer in-situ or remote data analysis to minimise costs and administrative burdens. Local data teams can administer their own data within the SDE or agree to have it administered by a central SDE team, ensuring separation, and user-and-role-based access will prevent unauthorised access or mixing of datasets.

Our SDE encourages local control over data use while also providing support from the central team. This allows for flexibility in how projects are approved and managed, depending on the preferences of the data provider.

Please feel free to contact us via email at YHSDE@bthft.nhs.uk and we will get back to you as soon as possible with detailed guidance on data uploading procedures. When you reach out, please include some basic information about your dataset (type, size, format) so we can provide you with the most relevant instructions and support.

We are constantly open to new collaborations and would welcome the opportunity to work with you on integrating your data into our system.

We take data security extremely seriously and follow the national policies, guidelines and best practices to prevent any breach or leak from occurring. You can find out more about our comprehensive data security approach here.

Should any security incident occur, we are committed to maintaining full transparency with all our stakeholders. We will immediately communicate the nature of the incident, the steps we are taking to address it, and all measures being implemented to mitigate security risks and prevent future occurrences.

Every time the patient interacts with services, like visiting GP practice, local hospital or care house, the NHS collects their health information. While the primary purpose of collecting this data is to ensure patients receive efficient care, it has a potential for broader healthcare improvements. Researchers can analyse de-identified patients data to investigate new treatments, develop new drugs and improve healthcare services. 

The Yorkshire & Humber Secure Data Environment (SDE) is a secure platform that allows trusted researchers to access de-identified data for their approved projects. When the patients allow researchers to use their de-identified data, they are directly contributing to better healthcare that can benefit them, their loved ones, and our communities.

We encourage you to check the resources page for communications and marketing assets you can download and use in your work with patients.