Information Services Division


Data Security & Protection Toolkit at UCL

Information about UCL's single Data Security & Protection Toolkit.

UCL manages a single Data Security & Protection Toolkit which relies on established policies, infrastructure, contracts and information governance processes, for health research purposes.

Research projects are required to register and undertake information governance assurance steps before they can apply to NHS bodies and use UCL's Data Security & Protection Toolkit, outlined here: Data Safe Haven Assurance

It is only possible to comply with UCL's Data Security & Protection Toolkit if all data in scope of the Toolkit are held on the UCL Data Safe Haven while the NHS approval sought is in place.

Once registered, users will be notified about their responsibilities initially and periodically, to renew assurances. For example, users will be expected to maintain training in line with the Information Governance Training Policy.

UCL must have a full staff member integrated into the research project who is accountable for some aspect of the overall project before UCL's Data Security & Proteciton Toolkit can be used.

To use the Data Security & Protection Toolkit in UCL, the Information Governance Advisory service (infogov@ucl.ac.uk) will provide the required details of the Toolkit to the research project owner on request, once the necessary assurances are given by the research project.