top of page
Search

Protecting privacy and ensuring best practice in data protection

  • INSIGHT communications team
  • 4 hours ago
  • 5 min read

Marked annually on 28th January, Data Protection Day is a timely opportunity to highlight how INSIGHT at Moorfields safeguards data, while enabling world-leading medical research.

 

Data Protection Day, also known as Data Privacy Day, commemorates the 1981 introduction of Convention 108, the first legally binding treaty protecting privacy in the digital age. Signed by the UK the same year, the treaty laid the foundations for the UK General Data Protection Regulation (GDPR) and Data Protection Act 2018.

 

The day is dedicated to raising awareness of how personal information is collected, shared, and protected. In the UK it is officially championed by the Information Commissioner’s Office (ICO), while YouGov publishes yearly results of regular polls assessing public attitudes towards data privacy.

 

When it comes to healthcare data, national surveys show that people are generally supportive of patient data being used in the NHS, depending on who is accessing the data and how the data will be used. According to research by Understanding Patient Data, 83% of British adults say they agree with the statement “I am supportive of the use of patient data in the NHS”. Research from NHS England indicates that 94% of people are happy for their data to be used for NHS research. INSIGHT’s local surveys of patients and members of the public have found that when data protection measures and the benefits of health data research are clearly explained, all those questioned support the use of routinely collected data in research.

 

This backdrop helps to provide context for how patient data is collected and protected at INSIGHT, which has grown to become the world’s largest resource of eye imaging data linked to clinical records, collected during routine appointments at Moorfields Eye Hospital NHS Foundation Trust.

 

Meeting the highest standards for research ethics and compliance

Importantly, the INSIGHT Hub has research ethics approval from the Health Research Authority (Research Ethics Committee.  This approval recognises the comprehensive standards consistently met and maintained by INSIGHT for enabling and supporting research and innovation into eye health and into systemic health where this can be informed by eye imaging (Oculomics).

 

Building on knowledge developed since the 2016 collaboration between Moorfields Eye Hospital NHS Foundation Trust, UCL and Google DeepMind, INSIGHT has embedded data protection into every aspect of its work, with patient and public oversight at its core.

 

Professor Pearse Keane, who led the Moorfields-Google DeepMind collaboration and serves as INSIGHT Director, says: "Data protection isn't a barrier to medical progress – it's the foundation that makes progress possible. Without public trust, built on transparent and rigorous safeguards, research simply cannot happen. Every patient has the right to understand how their data might be used and to make informed choices about participation."


Pearse Keane is Professor of Artificial Medical Intelligence at UCL Institute of Ophthalmology, Consultant Ophthalmologist at Moorfields Eye Hospital and Director of INSIGHT.
Pearse Keane is Professor of Artificial Medical Intelligence at UCL Institute of Ophthalmology, Consultant Ophthalmologist at Moorfields Eye Hospital and Director of INSIGHT.

 

Ensuring safety

Every application to access data through INSIGHT undergoes a three-stage governance process: 1. Initial screening to ensure adherence to the Five Safes; 2. Ethical evaluation with oversight from patients and members of the public through an independent advisory board: and 3. Final approval. How exactly does this happen?

 

1. Initial screening

INSIGHT adheres to the 'Five Safes', a nationally approved framework devised by the Office for National Statistics for making decisions about the safe and effective use of data considered to be confidential or sensitive, which includes health data.

 

The Five Safes cover:

●     Safe projects: Research serves genuine public benefit

●     Safe people: Only trained, vetted researchers access data

●     Safe data: Information is properly anonymised to protect identities

●     Safe settings: Data remains in secure research environments

●     Safe outputs: Published results cannot identify individuals

 

Safe data is an especially critical component of The Five Safes framework. Before datasets are made available for research, all identifying information – such as names, addresses. NHS numbers – is removed. Data from patients who have opted out of sharing their health data for research is also excluded.

 

2. Ethical evaluation for each data use application

The Data Trust Advisory Board (DataTAB) exemplifies INSIGHT's commitment to involving patients, the public, and other stakeholders in deciding how NHS data is used for research. As an independent panel, DataTAB reviews the ethical and patient benefit components of every data use application received by INSIGHT. Its membership represents a broad range of opinions, experiences and perspectives, including patients, public representatives, and experts.

 

Working with support from the Open Data Institute, DataTAB assesses each application using specific criteria that ensure clear clinical or public health outcomes, minimal privacy risks, adequate risk mitigation, consideration of public and patient views, value generation, and protection against disadvantaging any group or individual.

 

3. Final approval

If the DataTAB approves an application for data use, the Director of INSIGHT makes a final assessment in conjunction with the NHS Data Controller. Once a data licence or access agreement  is in place between the research organisation and Moorfields as the NHS data controller, access to an anonymised dataset is normally provisioned  within INSIGHT’s Secure Research Environment (SRE). The SRE is a widely accepted approach within the NHS for provisioning access to patient data, and an important tool for advancing scientific discovery. Through the INSIGHT SRE, researchers access the specific data they have requested, and carry out their analysis. Researchers can then export the results of their analysis without the dataset leaving the secure environment.


INSIGHT's Data Use Application governance process, from initial enquiry to data access
INSIGHT's Data Use Application governance process, from initial enquiry to data access

 

Transparency and diverse perspectives

Patient engagement at INSIGHT extends beyond the DataTAB. Patients, their families, carers, and the public from all communities are valued partners in research enabled by INSIGHT.  A dedicated Patient Representative Group meets regularly to provide input on ongoing INSIGHT activities, ensuring diverse perspectives shape the programme's direction.

 

Messaging for patients is displayed in clinics and public areas at Moorfields Eye Hospital sites.
Messaging for patients is displayed in clinics and public areas at Moorfields Eye Hospital sites.

INSIGHT also engages with patients and the public to communicate how patient data is collected and may be used to drive sight-saving research. This includes holding public engagement events, providing accessible information through leaflets, electronic message boards at Moorfields sites, and the Data Saves Sight campaign.

 

At every opportunity, INSIGHT highlights that patients have a choice to opt out of sharing their data for research purposes through the NHS National Data Opt-Out. INSIGHT openly shares details of all research projects that are approved for data access on its Data Use Register, as well as the latest breakthroughs made possible through INSIGHT.

 


If you would like to know more, or get involved, please contact us:

Phone: 020 7253 3411 ext. 6304

 

Find all the latest updates here on our News page.

 

 
 
bottom of page