Protecting personal data in epidemiological research: DataSHIELD and UK law

Susan E Wallace, Amadou Gaye, Osama Shoush, Paul R Burton

Research output: Contribution to journalArticle (Academic Journal)peer-review

17 Citations (Scopus)


BACKGROUND: Data from individual collections, such as biobanks and cohort studies, are now being shared in order to create combined datasets which can be queried to ask complex scientific questions. But this sharing must be done with due regard for data protection principles. DataSHIELD is a new technology that queries nonaggregated, individual-level data in situ but returns query data in an anonymous format. This raises questions of the ability of DataSHIELD to adequately protect participant confidentiality.

METHODS: An ethico-legal analysis was conducted that examined each step of the DataSHIELD process from the perspective of UK case law, regulations, and guidance.

RESULTS: DataSHIELD reaches agreed UK standards of protection for the sharing of biomedical data. All direct processing of personal data is conducted within the protected environment of the contributing study; participating studies have scientific, ethics, and data access approvals in place prior to the analysis; studies are clear that their consents conform with this use of data, and participants are informed that anonymisation for further disclosure will take place.

CONCLUSION: DataSHIELD can provide a flexible means of interrogating data while protecting the participants' confidentiality in accordance with applicable legislation and guidance.

Original languageEnglish
Pages (from-to)149-57
Number of pages9
JournalPublic health genomics
Issue number3
Publication statusPublished - 28 Mar 2014

Bibliographical note

© 2014 S. Karger AG, Basel.


  • Biomedical Research
  • Cohort Studies
  • Computer Security
  • Confidentiality
  • Databases, Factual
  • Epidemiologic Studies
  • Great Britain
  • Humans
  • Information Dissemination
  • Informed Consent
  • Research Design


Dive into the research topics of 'Protecting personal data in epidemiological research: DataSHIELD and UK law'. Together they form a unique fingerprint.

Cite this