Where is research data processed?
Once a data permit is granted, the research datasets are transferred to a specific secure processing environment, to which the researcher is granted a connection. These processing environments are isolated from the rest of the internet and are designed specifically to protect sensitive health data.
Research datasets are never sent directly to a researcher’s personal or organisational computer or to an unsecured cloud service.
What is a secure processing environment?
A secure processing environment is a protected workspace that a researcher logs into via a remote connection from their own computer. After logging in, a virtual computer opens on the screen – essentially a computer within a computer.
This virtual machine contains everything needed for the research, such as the research data and software for text processing and statistical analysis. The researcher performs all their work there but cannot transfer data out.
The environment has no access to the internet, and the copy-paste function is disabled. This helps ensure that sensitive data remains within the protected environment.
In simple terms: the researcher sees an image of a computer on their screen and can use its programmes, but cannot access the actual machine itself. Besides seeing the screen, the mouse and keyboard work, but the data cannot “escape” anywhere.
These environments are audited by separate information security assessment bodies and must have a valid certificate of compliance. Only assessment bodies approved by the National Cyber Security Centre at Traficom can perform these audits.
In Finland, the Finnish Supervisory Authority maintains a register of approved environments. Findata provides researchers with a processing environment called Kapseli.
How is user identity verified?
Only individuals named in the data permit are allowed to process the data. Access to the processing environment requires two-factor authentication, and all user actions are recorded in log files.
When the research ends or access rights otherwise expire, access to the environment is terminated. After that, users can no longer access the dataset.
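As an added illustration, not Findata's own tooling, the Python script below reviews constructed access-log lines against a constructed data permit and flags the three conditions described above: actions by a user not named in the permit, actions after the permit has expired, and logins without a second factor. The log format, the permit structure and all user names are assumptions made for the example.

```python
from datetime import date

# Constructed data permit (assumed structure, not Findata's format):
# the named users and the date on which access rights expire.
PERMIT = {
    "permit_id": "PERMIT-EXAMPLE-001",
    "named_users": {"researcher.a", "researcher.b"},
    "valid_until": date(2024, 6, 30),
}

# Constructed log lines in an assumed "YYYY-MM-DD user action mfa=yes|no" format.
LOG_LINES = """\
2024-05-02 researcher.a login mfa=yes
2024-05-02 researcher.a open_dataset mfa=yes
2024-05-03 contractor.x login mfa=yes
2024-05-04 researcher.b login mfa=no
2024-07-01 researcher.a login mfa=yes
"""


def parse_log(text):
    """Parse the constructed log format into a list of event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        day, user, action, mfa = line.split()
        events.append({
            "date": date.fromisoformat(day),
            "user": user,
            "action": action,
            "mfa": mfa == "mfa=yes",
        })
    return events


def review_access(permit, events):
    """Return (reason, event) pairs for events that breach the permit's conditions."""
    findings = []
    for ev in events:
        if ev["user"] not in permit["named_users"]:
            findings.append(("user not named in permit", ev))
        if ev["date"] > permit["valid_until"]:
            findings.append(("access after permit expiry", ev))
        if ev["action"] == "login" and not ev["mfa"]:
            findings.append(("login without second factor", ev))
    return findings


if __name__ == "__main__":
    for reason, ev in review_access(PERMIT, parse_log(LOG_LINES)):
        print(f"{ev['date']} {ev['user']} {ev['action']}: {reason}")
```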
Can data be transferred outside the environment?
No. A researcher cannot save the data onto their own computer or copy it to a USB stick or a cloud service.
When the research is completed, the researcher requests permission to publish anonymous research results. Findata verifies the anonymity of the results and transfers them out of the environment. Finally, the dataset is deleted from the environment.
Where do researchers process the dataset containing Emma’s information?
Researchers log into a secure processing environment where they analyse the data of Emma and the others in the target group:
E03* diagnosis date, dates of doctor visits related to the diagnosis, dates and results of P-TSH, P-T4-V, B-PVKT, P-ferrit, P-Tfr laboratory tests, dates and dosages of prescriptions in drug class H03AA01, and the length of sick leaves related to the E03* diagnosis in days.
By comparing care practices in Pirkanmaa and Satakunta, researchers can see what works and where there is room for improvement. Using the results, the care pathways can be developed so that patients receive treatment at the right time.
Once the research is complete, the results are anonymised and checked. Finally, the data is deleted from the environment.