Yang, Ya-Ting
Zhong, Xiaomin
Fahmi, Ali
Watts, Simon
Ashcroft, Darren M.
Massey, Jon
Fisher, Louis
MacKenna, Brian
Mehrkar, Amir
Bacon, Sebastian C. J.
Goldacre, Ben
Hand, Kieran
van Staa, Tjeerd
Palin, Victoria
Funding for this research was provided by:
National Institute for Health Research (NIHR130581, NIHR130581, NIHR130581, NIHR130581, NIHR130581, NIHR130581)
Article History
Received: 5 April 2023
Accepted: 22 July 2023
First Online: 16 September 2023
Declarations
:
: This study was approved by the Health Research Authority and NHS Research Ethics Committee [REC reference 21/SC/0287]. The OpenSAFELY data science platform is funded by the Wellcome Trust. The views expressed are those of the authors and not necessarily those of NHS England, Public Health England or the Department of Health and Social Care. Funders had no role in the study design, collection, analysis, and interpretation of data; in the writing of the report; and in the decision to submit the article for publication.
: NHS England is the data controller for OpenSAFELY-TPP; TPP is the data processor; all study authors using OpenSAFELY have the approval of NHS England. This implementation of OpenSAFELY is hosted within the TPP environment which is accredited to the ISO 27001 information security standard and is NHS IG Toolkit compliant [CitationRef removed]; Patient data has been pseudonymised for analysis and linkage using industry standard cryptographic hashing techniques; all pseudonymised datasets transmitted for linkage onto OpenSAFELY are encrypted; access to the platform is via a virtual private network (VPN) connection, restricted to a small group of researchers; the researchers hold contracts with NHS England and only access the platform to initiate database queries and statistical models; all database activity is logged; only aggregate statistical outputs leave the platform environment following best practice for anonymisation of results such as statistical disclosure control for low cell counts [CitationRef removed]. The OpenSAFELY research platform adheres to the obligations of the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018. In March 2020, the Secretary of State for Health and Social Care used powers under the UK Health Service (Control of Patient Information) Regulations 2002 (COPI) to require organisations to process confidential patient information for the purposes of protecting public health, providing healthcare services to the public and monitoring and managing the COVID-19 outbreak and incidents of exposure; this sets aside the requirement for patient consent [CitationRef removed]. This was extended in November 2022 for the NHS England OpenSAFELY COVID-19 research platform [CitationRef removed]. In some cases of data sharing, the common law duty of confidence is met using, for example, patient consent or support from the Health Research Authority Confidentiality Advisory Group [CitationRef removed]. Taken together, these provide the legal bases to link patient datasets on the OpenSAFELY platform. GP practices, from which the primary care data are obtained, are required to share relevant health information to support the public health response to the pandemic, and have been informed of the OpenSAFELY analytics platform.
: BG and OpenSAFELY has received research funding from the Laura and John Arnold Foundation, the NHS National Institute for Health Research (NIHR), the NIHR School of Primary Care Research, NHS England, the NIHR Oxford Biomedical Research Centre, the Mohn-Westlake Foundation, NIHR Applied Research Collaboration Oxford and Thames Valley, the Wellcome Trust, the Good Thinking Foundation, Health Data Research UK, the Health Foundation, the World Health Organisation, UKRI MRC, Asthma UK, the British Lung Foundation, and the Longitudinal Health and Wellbeing strand of the National Core Studies programme; he is a Non-Executive Director at NHS Digital; he also receives personal income from speaking and writing for lay audiences on the misuse of science. AM has received consultancy fees (from https:// inductionhealthcare.com) and is member of RCGP health informatics group and the NHS Digital GP data Professional Advisory Group that advises on access to GP Data for Pandemic Planning and Research (GDPPR). For the latter, he received payment for the GDPPR role.