Part of the integrating authority’s role in managing integrated datasets is to provide data users with secure access to the data as specified in the project agreements (See Finalise project agreements). It is recommended that data users be provided with integrated data for their specified research after it has been merged and confidentialised by the integrating authority, according to the requirements of the data custodians. For information on confidentiality, and how to confidentialise data, see the confidentiality section.
In accordance with High Level Principle 6, it is recommended that data users only be given access to identified or potentially identifiable data where:
- legislation allows;
- it is necessary to achieve the approved purpose of the projects; and
- it meets with agreements with data custodians.
When providing access to integrated datasets, integrating authorities should:
- provide information and training on privacy and confidentiality requirements as specified in project agreements; and
- provide accompanying metadata, including information on data quality.
When providing access to integrated datasets, it is the responsibility of integrating authorities to:
- provide access in a secure manner that meets any special requirements of data custodians;
- include information on the penalties that apply for misuse of the data;
- ensure the uses of the integrated datasets comply with the project purpose;
- ensure that information on cost-recovery (where applicable) is provided and applied consistently; and
- ensure that legal undertakings (where required) in relation to unauthorised disclosure of identifiable data and other breaches of conditions of access are signed by data users prior to access.
Data access agreements between the integrating authority and data users should set out the conditions and arrangements for accessing and producing output from the integrated dataset. The conditions and nature of access may vary from project to project according to the requirements of data custodians. For more information, see finalise project details.
The potential harm from an unauthorised disclosure of identifiable information cannot be underestimated, particularly if the disclosure is deliberate or malicious. Such situations must be treated very seriously. Please see the data breaches section for information on what to do in the event of an unauthorised disclosure.
Working in partnership to disseminate integrated data
The integrating authority can work in partnership with other agencies to provide secure access to the integrated data for research purposes.
This may include using an on-site or a remote access data laboratory such as the Secure Unified Research Environment. Data laboratories enable data users to access de-identified data in a secure environment that does not allow access to the internet, printing, the use of removable media or sharing of files between projects. Only research output assessed for confidentiality can leave the data laboratory.
For more information see, outsourcing or working in partnerships.
For more information on the project delivery phase see:
- Extract and transfer data
- Preparing for linking
- Linking and merging of data
- Access to integrated data
- Analysis of integrated data
- Evaluation and project completion