How Linkage to Health Records works

How Linkage to Health Records Works pdfDownload

How Linkage to Health Records Works 

This page explains how health record linkage works, how data is kept safe and secure, and what this means for participants. If you have any questions, please contact the study team at CSS Biobank 

Linkage to Health Records 

Linkage to health information in electronic medical records is managed across the NHS in England, Scotland, Wales and Northern Ireland (by NHS Digital Health and Care Wales). The NHS works with the UK LLC to link health record data to CSS Biobank study data, such as CSS Biobank questionnaire data, and make it available for research in a safe and secure way. 

This video shows how the LLC links data

These are the steps that take place to link health records with study data: 

The CSS Biobank study team will create two sets of data: 

  • One set contains participant’s personal details (like name, date of birth, and NHS number) and permission information. 
  • The other contains CSS Biobank study data (the data we want to link to health records such as questionnaire data) but no personal details. 

Both sets of data include unique CSS Biobank numbers so they can be matched with health record data. 

The file with personal details is securely sent to the NHS to find health records. The CSS Biobank number is encrypted to protect identities. 

Once the NHS has found health records, personal details (name, NHS number, etc.) are removed. These identifying details are stored securely and not shared. 

The remaining health information (now pseudonymised) is securely sent to the Secure eResearch Platform (SeRP) Gateway at Swansea University, where it is linked to the CSS Biobank study data using the CSS Biobank number. 

Once linked, the pseudonymised dataset is stored in a Trusted Research Environment (TRE) by the UK LLC. A TRE is a highly secure computer system where: 

  • Only approved researchers can access the data 
  • Data cannot be copied or removed from the TRE 
  • The data in the TRE does not include names, addresses, dates of birth, NHS numbers, or any other personal identifiers (like the names of hospitals). 
  • Researchers will never be able to identify participants from the linked data. 

All data in the UK LLC is pseudonymised and subject to Five Safes governance principles. The Five Safes is a well-established framework used to manage and govern access to sensitive data in a way that protects privacy while enabling valuable research.

Further Information 

  • The UK Data Protection Act 2018 gives you rights over how personal data is used. The UK LLC supports and respects these rights. To learn more, you can read the full UK LLC privacy notice
  • The laws and legal principles relating to longitudinal population study data (such as CSS Biobank data) are summarised here