The UCL Data Safe Haven has criteria for applicants that apply because of legislative, regulatory and contractual requirements. Learn whether your project is eligible before requesting space.
The Data Safe Haven offers enhanced security over standard UCL infrastructure where highly confidential information requires this. Confidential information needs to be handled legally and in an accountable way.
- Accountability is ensured by having a UCL staff contract holder set as the information asset owner. Honorary members of UCL and external users cannot be the owners of Data Safe Haven shares.
- Legal responsibility for personal data is determined by the Data Controller. Research projects must have a clear, documented legal basis for using UCL services before they can enter the Data Safe Haven, such as a consent form and participant information sheet (where these apply).
- To ensue that risks are reduced where possible and that data is handled in accordance with contracts, SLMS Information Governance Advisory service ensures that prospective owners of research projects on the Data Safe Haven provide a statement of accountability for the research project before they become eligible.
If any one of these criteria are not met then recommendations will be made at the outset to reconsider the formal arrangements of a research project before collecting any data on UCL services unless the information is deemed to be not highly confidential and thus not requiring the Data Safe Haven.