Skip to content

Information for the Public

About the SDE

The East of England Secure Data Environment (SDE) is a digital platform that allows approved researchers to securely access de-personalised patient data for health research.

Using the East of England SDE, researchers from the NHS, universities, charities or commercial organisations can apply to access data from de-personalised patient records from people treated in NHS settings in the East of England, for research to improve public health.

eoe_regions

The area

The East of England includes the following regions, with a total population of 7 million people:

  • Norfolk and Waveney
  • Cambridgeshire and Peterborough
  • Suffolk and North East Essex
  • Bedfordshire, Luton and Milton Keynes
  • Hertfordshire and West Essex
  • Mid and South Essex

Privacy, Security and Integrity

All applications are reviewed against the same strict and consistent set of criteria to ensure they are safe, and that the research is in the public interest.

Research is vital to improve the way that we prevent, predict, diagnose and treat health conditions. The East of England SDE makes research using NHS data safer and easier, while maintaining patient privacy and retaining control of that data in the NHS.

The East of England SDE protects the privacy, security and integrity of NHS patient data during research by using:

  • Anonymisation all directly identifying information is removed from the data before researchers use it 

  • Security testing and accreditation the SDE has been built to industry-leading standards of cybersecurity and has been independently tested

  • Minimisation researchers will only receive access to the specific data required for their approved research 

  • Environment controls researchers can only access the approved data within the controlled environment of the SDE, where they cannot copy, delete, remove or change the data

  • Exit controls research outputs are manually checked to ensure that no information that could be re-identified is removed from the SDE

  • Verification researcher and organisation credentials and experience are validated before access

  • Contractual controls researcher organisations agree to legally-binding terms and conditions for use of the data  

  • Benefit to public health assessment all applications for data access are assessed by an independent panel, which includes members of the public, against consistent and well recognised standards to determine whether they are in the public interest

Who decides who can access the data?

Every researcher who would like to access patient data using the SDE will need to make an application that states who they are, what they are researching and what data they need. All applications, whether they are from NHS, university, charity or commercial researchers, are assessed against the same criteria for safety, security and public interest.

The Data Access Committee

The East of England SDE Data Access Committee (DAC) will assess every application against a consistent set of criteria to decide whether the researcher will be allowed to access the requested data in the SDE.

The DAC is made up of data, health, research and privacy experts from NHS and research organisations and, crucially, patients and members of the public. The DAC can also request additional expertise (including from people with lived experience) to help support decisions about specific projects.

How does the committee decide each project?

The committee assesses each application against an agreed set of criteria that has been developed with our public advisory group, aligned with national best practice.

The criteria are based on the 'Five Safes' framework developed by the Office for National Statistics. The Five Safes are a set of standards which enable data services to provide safe research access to data.

The principles are:

  1. Safe Data
  2. Safe Research
  3. Safe People
  4. Safe Settings
  5. Safe Outputs

Leaflets

You can read more information about the SDE in our leaflets below. Please get in touch if you would like to discuss printing leaflets.

Get involved

The data available for research through the East of England SDE ultimately comes from NHS patients across the region and we want to hear from you!

There are a variety of ways that people can get involved and have their say on use of NHS data for research through the East of England SDE.

Sign up for our newsletter

Want to stay up to date with what is going on and hear about events, involvement opportunities and developments in the SDE?

Subscribe to our newsletter and receive regular updates direct to your inbox

newsletter_img

Complete a short survey

Our anonymous survey is open to any one resident in the East of England and is quick to complete. Completed eligible surveys go into a monthly prize draw for a shopping voucher.

survey_img

Apply to be part of our Core Public Advisory Group

Our Core Public Advisory Group (CPAG) is made up of people from across the East of England who are interested in research using health data to be part of a Core Advisory Group. This group has been working with the project team since November 2023 to provide a patient and public perspective on the development of the Secure Data Environment.

cpag_img

Apply to be a public member on the Data Access Committee

Decisions about who can access NHS patient data in the SDE are made by our Data Access Committee (DAC), of which 50% are public members. Members of the DAC read and discuss project applications, and help decide whether they should be approved.

dac_role_img dac_eoi_img

View and share our Get Involved poster

Do you work with people who might be interested in getting involved? You can share our Get Involved poster

View on Canva

poster_img

We have been working with people living in the East of England to understand what is important to them about how their NHS data is used within the Secure Data Environment (SDE).  If you would like to know more about what we have learned, and the difference it has made to the SDE, you can read through the information and reports below.

Healthwatch Report

In summer 2024, we partnered with Healthwatch organisations across the East of England to hold 6 community engagement events in local communities. At these events, we discussed how to explain how the SDE works, how decisions should be made about who can access data from the East of England and the options for people to Opt Out. The findings from these events and how they have influenced the development and use of the SDE are summarised in the report below.

-📝 Healthwatch report

Quarterly reports

We continue to work with our Core Public Advisory Group (CPAG), meeting regularly to discuss how the SDE works and to advise on important developments, such as when new data are to be added to the SDE or how the Data Access Committee should make decisions about data. We summarise our findings from CPAG meetings, along with information from our ongoing survey and public engagement work in quarterly summaries, which you can read below.

-📝East of England PPIE Quarterly Report: Jan-Mar 2025 (PDF)
-📝East of England PPIE Quarterly Report: Apr-Jun 2025 (PDF)

Want to get involved?

If you live in the East of England and would like to get involved in the SDE, check out our opportunities on our Involvement page.

Our SATRE Evaluation

What is SATRE?

SATRE (Standardised Architecture for Trusted Research Environments) is a national framework developed through the DARE UK programme. It helps Secure Data Environments (SDEs) measure their maturity and compliance with best practice standards for security, governance, and data management. SATRE promotes transparency, consistency, and trust in how health data is accessed for research. Learn more on the DARE UK website.

Why did we take part?

The East of England SDE participated in the SATRE self-assessment as part of the VISTA programme. This national initiative supports secure, ethical, and efficient data access for research. Our evaluation helps demonstrate compliance with national standards and identify areas for continuous improvement. These standards build on our existing commitments to safeguarding data through robust privacy, security and integrity measures, detailed here.

Headline Results

Our SATRE scores show strong performance across all mandatory requirements, confirming that the East of England SDE meets essential standards for security, governance, and operational resilience.


satre_results

For full details, visit our SATRE evaluation on the official site and our downloadable PDF report here.

What does this mean for the SDE?

The East of England Secure Data Environment demonstrates strong compliance with national standards for security and governance, making it a reliable platform for health data research. High scores in mandatory areas confirm robust foundations, while recommended and optional areas highlight opportunities for enhancement in usability and advanced features.

What’s next?

We will continue improving by:

  • Making it easier to set up systems and automatically keep track of important details about the data.
  • Improving staff training, adding simple dashboards to show progress, and upgrading tools to check quality.
  • Adding powerful new features like faster computing and stronger protections to keep sensitive information secure.

These steps will strengthen resilience, usability, and innovation, ensuring the East of England SDE remains a leading example of best practice.

Opting Out

If you are happy for your de-personalised NHS data to be used for approved research through the East of England SDE, you do not need to take any action.

If you have questions or concerns, you are welcome to ask the SDE team by emailing us at cuh.eoe.sde@nhs.net or check the information on this site.

If you do not want your NHS data to be used for research through the East of England SDE, you can opt out using one of the options below. You do not need to do both opt outs.

The East of England SDE opt-out

If you choose this opt-out, your NHS patient data will not be used in any research that takes place within the East of England SDE, but may still be used for other applicable research, such as, research using your data through an SDE in another region.

The East of England SDE opt out will apply to research projects that occur from the point of opt out, but will not apply to projects that took place before the opt out was registered.

You can make, check or change your choice:

The National Data Opt Out (NDOO)

If you choose this opt-out, NHS England and other health and care organisations will not be able to share any of your personal data with other organisations for research and planning, except in certain situations, such as, when required by law.

Visit nhs.uk/your-nhs-data-matters/ for more information.