The CVDL seeks to utilise principles (usually discussed in the context of the 5 Safes Framework) to confidentialise and protect data it provides access to, or releases, from re-identification risks.
Two broad complementary approaches exist for managing re-identification risks:
- control the context of the data release - important when managing re-identification risks as it allows for more detailed data to be made available to approved researchers in a safe manner
- treat the data - decisions about the level of data treatment required can only be made after determining the release context
The release context includes:
- the audience who will have access to the data
- the purpose for which the data will be used
- the release environment
The CVDL also utilises subject matter experts (in relation to the field, subject or project in question) to assess the likelihood and impacts of spontaneous re-identification (i.e. someone that knows the field, subject or project type being able to re-identify someone or an organisation by looking at the data or how it is presented).
Unless otherwise agreed, the below confidentialisation rules will be deployed for users external to DH and DFFH requesting linked data (outside of VALT);
- All individual names removed
- Date of Birth (DOB) is not provided, only 5-year age groups are provided.
- Statistical Local Area (SLA), where possible, is provided as the lowest geographic level. All addresses and postcodes are removed.
- Where possible, all public service providers e.g. campus codes are encrypted as random numbers, consistent across years. Private service providers are encrypted as ‘0’ only.
- Service dates are provided as a month-year field, where required, it may also be provided as an encrypted date (to allow for time elapsed calculations).
- Any other personally identifying information is removed.