We follow a systematic, proactive approach to information security management. Our strategic and operational security initiatives make sure any vulnerabilities are highlighted and potential threats quickly mitigated.
Our rigorous approach allows us to maintain the confidentiality, integrity and availability of the information and data we hold. Data security assurances give data owners, distribution partners and users confidence in us - bolstered by our secure data handling procedures, physical security and certification under ISO27001.
We have developed a three-tier data access policy: open, safeguarded and controlled, which applies to all types of data we work with, from surveys to qualitative data to big data sources. Its simplicity has led to it being adopted by many other data providers. While we use this to classify our data collections, we have started to apply the principles to files and variables in our big data work.
For safe use of controlled data in our Secure Lab, we use the Five Safes framework, which includes: making sure data does not include direct identifiers, project approval by data owners, dedicated researcher training, secure environments and output checking. This approach has been adopted by a range of secure labs, including the Office for National Statistics. This framework is used to support publishing datasets, access to datasets and the creation of new data products.
We are highly regarded for our expertise and training in data licensing and research governance, and in research ethics for data sharing and reuse. Where we can we support the needs of large investments and Research Ethics Committees, alongside individual researchers and repository managers.