Home
Contact
Contact
Home page
Contact

Navigation breadcrumbs

  1. Home
  2. Protecting your data

How we protect your data

All information will be stored to the highest industry and professional standards within our Trusted Research Environment.

Trusted Research Environment

To hold all data safely and securely, we use a Trusted Research Environment. This is a highly secure computing environment that provides remote access to health data for approved researchers.

Personal data (e.g. name, address) will be stored separately from research data. Only the Heartburn Health team will have access to personal data.

Researchers will only be able to access non-identifiable data specifically needed for an approved study in the Trusted Research Environment. They will not be able to remove data from the environment, meaning only approved analysis can be done.

The Trusted Research Environment allows us to maximise use of the data to advance research into heartburn, while ensuring the data is safe and secure.

The ‘Fives Safes’ Model

Data will always be kept safe and secure and will be used responsibly to ensure privacy. To make sure these high standards are met, we will follow the ‘Five Safes’ Model:

[add image from HDR UK]

Regulations and oversight

All personal details and programme data will be protected in accordance with the Data Protection Act (2018) and UK General Data Protection Regulation. Together, the University of Cambridge and Cambridge University Hospitals NHS Foundation Trust are Data Controllers for the trial. This means that they will make decisions about how the data can be used. Queen Mary University of London will act as the Data Processor for the trial. This means that they will be responsible for handling the data safely. Queen Mary University of London is currently responsible for hosting the Heartburn Health database.

The Queen Mary University of London Data Protection Officer provides oversight of QMUL activities involving the processing of personal data and can be contacted via data-protection@qmul.ac.uk.

Queen Mary University of London may store personal details with a contracted GDPR compliant third-party storage provider within the UK, where they are the best data storage option. Some employees of the third party will have access to personal details and trial data if needed for their role. They are required to keep your personal details and trial data strictly confidential.   

Queen Mary University of London have a responsibility to keep information collected about you safe and secure. They also have responsibility for ensuring the highest integrity of research data. Specialist team within Queen Mary University of London will continually assess and ensure that data is held in the most appropriate and secure way.   

If you would like more information about how your data will be processed in accordance with UK GDPR, please visit the links click here: Queen Mary, University of London data protection statement

In the event of a security breach

We are using every safety measure to ensure the information we hold is secure. This includes meeting standards set by the National Cybersecurity Centre and the NHS. However, there is always the risk of a security breach. In the unlikely event this occurs, someone could access the information we have.  If a security breach ever happens, we will notify everyone affected as soon as possible.