5.5.1 Data protection and confidentiality requirements
When your research involves data or information about people, requirements largely depend on whether you will access and use identifiable or anonymised data.
You can find out more about these requirements in using data about people in research.
If you plan to access confidential patient information without consent in England and Wales, you will need Section 251 support from the Confidentiality Advisory Group. Scotland and Northern Ireland have equivalent arrangements.
To learn more, please visit ‘accessing identifiable information without consent’ in Using information about people in health research.
5.5.2 Health data discovery and access
Use the Health Data Research UK (HDRUK) Innovation Gateway to discover what data is available from central NHS providers and others.
Data is not held by HDRUK but by different organisations. The gateway provides the means to contact some organisations and apply for data access, although for most, you will need to apply directly to individual organisations (or data custodians).
Please see the MRC Health Data Access Toolkit for the approvals you will need. This includes details of the approvals you will need when accessing NHS data from central providers or direct from NHS care organisations.
Accessing data takes time. If there are bespoke linkages and complex approvals, it can take over six months. Please build this into your grant.
If you are accessing identifiable information or collecting data from research participants, consent and confidentiality are very important. MRC expects your research organisation to have policies in place to manage confidentiality and the privacy of your participants.