Guidelines

To find relevant datasets, enter your free-text searches into the search bar at the top of the page.

Once you have used the free-text search, a summary card for each relevant dataset will be displayed in a list view. By clicking onto each result, you can view a detailed metadata summary of each dataset and, if appropriate, enquire about access. In addition, you are able to sort the search results by date published or further refine by using the following filters:

  • License
  • Publisher
  • Physical Samples
  • Age Band
  • Geographic Coverage
  • Jurisdiction

In order to enquire about access to datasets, you will need to have signed in using your institutional single sign-on. To sign in, click the ‘Log in’ button at the top of this page, or navigate to the top right-hand corner of each page once you have entered the Gateway.

If you are logged in, you are able to save your search with any applied filters. To access your saved searches, navigate to ‘My Searches' tab on the top left-hand corner of the screen.

All requests for access will be reviewed by the data custodians in line with their information governance requirements and responsibilities under UK legislation. Access will not be provided without meeting information governance requirements.

Before submitting an enquiry for data access, you need to consider the following as this information will be required by data custodians:

  • Specific information governance and access requirements for the given dataset: where available, this is given in the Data Access section of the dataset page.
  • Ethical Approval for proposed use. The Medical Research Council provides a decision tool to determine if your study requires approval from an NHS Research Ethics Committee. To access the tool, click here. Alternatively, you can find this guidance on the HRA website, which applies to England.
  • Legal basis for accessing and processing data.
  • Data Sharing Framework Contract and/or Data Sharing Agreement. Some Data Custodians require your organisation to sign a Data Sharing Framework Contract (organisation / department level) and Data Sharing Agreement (study / project level). It may be worthwhile confirming whether your organisation has already signed a Data Sharing Framework Contract with the Lead Data Custodian, and whether this includes / covers your Department. Note that only a legal entity can sign a Data Sharing Agreement.
  • Data Security and Protection Toolkit. The Data Security and Protection Toolkit (DSPT) is an online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards. All organisations in England that have access to NHS patient data and systems must use this toolkit to provide assurance that they are practising good data security and that personal information is handled correctly. Some Data Custodians require completion of the Toolkit and independent audit of the self-assessment . You can check the status of your organisation’s DSPT assessment here. If your organisation has completed the Toolkit, you should confirm with your local Information Governance or IT security experts whether the arrangements for your study will be covered in this Toolkit return. More information is available from NHS Digital.

The Medical Research Council Regulatory Support Centre provides a range of support and guidance for those conducting research with health data. This includes the Health Data Access Toolkit that helps researchers navigate the processes required to gain access to routinely collected NHS health data. You can find this Toolkit and other resources on the MRC website.

Once you have been directed to the appropriate data custodians, they will guide you through the process to submit your enquiry for access to the health data, in line with legislation and information governance requirements. This process varies between data custodians.

Overall, you are required to clearly demonstrate that your enquiry is being made to support the provision of health and social care, and the promotion of health. To do this, you can be expected to complete an application form and may be asked to provide the following material

  • A clearly defined research study / question(such as a study protocol), research purpose and clearly defined the outputs/dissemination.
  • A legal basis for accessing the data. For example, evidence of patient consent or section 251 approval
  • Security arrangements, such as IG Toolkit and ISO 27001
  • Evidence that you are complying with the GDPR
  • Clear indication of the data being requested, including the data sets and the specific data items / elements
  • Confirmation who will process and manage the data and/or, if applicable, who will link the data sets
  • Confirmation of the authorised data sharing agreement signatory within your organisation

The data custodian expert will be able to advise you what data sets should be requested, and whether multiple requests need to be submitted. In general, if multiple data sets are required for the same purpose, i.e. research study, you will need to complete one request which will be assessed through one process. If you require multiple data sets for different purposes, i.e. multiple research studies, you will need to complete a request for each purpose.

You are recommended to discuss your requirements with the appropriate data custodian experts, in particular any requests for data linkages. They will have knowledge of any limitations and constraints in this area, as well as governance requirements. In addition, they may also be able to advise on approaches to link the datasets, if you require this particular service. Some datasets are already linked on a regular basis. It is expected that once an enquiry has been approved, access to these pre-linked datasets can be provided within reasonable timescales defined according to the data custodian policies.