Governance arrangements are in the process of being finalised and approved for the Cambridge CADRE. Our governance framework has the flexibility to be adapted to regional governance requirements while maintaining interoperability across the entire CADRE federated network. As new CADRE sites come on board, we will add details of local governance arrangements.

Process
Only healthcare professionals with the right permissions can access patient information which could identify that patient, such as their name, NHS number or address.

In CADRE, information that could identify a patient is removed or masked, and privacy-enhancing technologies are applied before the information is made accessible to researchers. Where researchers wish to recall or recruit patients, they will only be able to receive their contact details if patients consent to be contacted in the first place.

The lead organisations jointly responsible for governance of the project are Cambridgeshire & Peterborough NHS Foundation Trust and the University of Cambridge.

CADRE will be overseen by its local committees, the Data Governance Group and the Data Access Group. The Data Governance Group will have a strategic role to run CADRE for the Cambridge and Peterborough environment. The Data Access Group will be responsible for reviewing applications from researchers to access CADRE to conduct their studies.

The Cambridge and Peterborough Data Governance Group includes representatives from the providers in the area that are involved in CADRE:

• Cambridge and Peterborough NHS Foundation Trust
• Cambridgeshire Community Services NHS Trust
• Cambridge University Hospitals NHS Foundation Trust
• Cambridgeshire County Council
• Huntingdonshire District Council
• Peterborough City Council
• University of Cambridge

Patient and public representatives, clinicians and other subject matter experts are also part of the committees to ensure different views are considered when operating CADRE and access to the datasets.
As new CADRE sites come on board, we will add the organisations involved in their local governance and Data Access Committees.

There will be an opportunity to “federate” databases in CADRE. “Federating” means that researchers can analyse data from CADREs in different regions without the need to pool all the data together. The technology which CADRE uses allows for “privacy-preserving federated analytics” – this enables researchers to generate anonymous outputs of their analyses, without the need to transfer identifiable patient-level data outside of a third-party provider’s environment.
This approach will help to:

• Access a larger sample of patients, increasing the diversity and representativeness of a cohort, hence improving the quality of research studies and making the research relevant to a wider group of people;
• Explore rarer conditions and sub-groups;
• Safely create large, de-identified datasets, in line with guidance from the Information Commissioner’s Office (ICO). These datasets will help create machine learning algorithms which require large samples, to predict large outcomes.

Because federated analysis (which involves analysing multiple datasets) can be carried out between different CADREs (or other databases, for example), we need to have accountable organisations at federation level – i.e., an organisation which would oversee how people’s data is used across the entire CADRE network.

To do this, a Data Federation Governance Group (DFGG) will oversee data processing between two or more research environments, including CADRE, according to the Data Federation Framework, ensuring that all data protection laws, confidentiality rules, and ethical practices for health data sharing are followed.

The Data Federation Governance Group includes representatives of:

• Cambridge and Peterborough NHS Foundation Trust
• Cambridgeshire Community Services NHS Trust
• Cambridge University Hospitals NHS Foundation Trust
• Cambridgeshire County Council
• Huntingdonshire District Council
• Peterborough City Council
• University of Cambridge
• New CADREs established in other regions
• Any other trusted research environment that joins the federated CADRE network
• Patient and public representatives
• Clinical and subject matter experts

These organisations have been actively involved in developing our information governance framework, along with our wider patient and public involvement (PPI) groups.

To become a member of the CADRE federated network, organisations will have to meet several requirements and be approved by the Data Federation Governance Group. For example, they will need to:

• Be based, and store data, in the United Kingdom or in a country recognised by the United Kingdom as providing a similar level of personal data protection via an “adequacy decision”,
• Be registered with the Information Commissioner’s Office (ICO),
• Have completed the NHS Data Security and Protection Toolkit or another internationally recognised information management accreditation such as ISO or SOC,
• Provide existing data sharing agreements regulating their environment, a data protection impact assessment and privacy notices to inform patients.

In addition, the Data Federation Group will oversee the Federated Research Approval Group. This committee will have delegated authority to review and approve research requests for projects which require access to data across multiple CADREs. Its membership will be similar to the Data Federation Governance Group so that each member of the federation can decide whether to allow the processing of data within its environment for the purposes of a specific study.

CADRE is not a legal entity, but an environment that enables research, including federated analysis, to be carried out. The organisations involved in the CADRE data federation are the legal entities and data controllers managing CADRE.

According to the CADRE sharing agreements, each organisation must comply with all data protection principles and prove they meet any relevant regulatory requirements. The access committees will review applications according to the UK General Data Protection Regulation (UK GDPR), including the principles of:

Fairness, Lawfulness and Transparency 
Part of the principle of fair processing is that the individuals need to be kept informed about how their data is being used. We think this is highly important and information will be made available at each step of the development of CADRE.

Purpose Limitation
CADRE researchers must define the study purpose in their application form, and they will only have access to the specific data subsets they need.

Accuracy
Under the Data Federation Framework, each CADRE participating organisation must have the right systems and procedures in place to correct inaccurate information and to add information to incomplete records. Data quality is built into all the procedures and is continuously improved.

Data Minimisation 
Approved researchers will only have access to limited datasets which are de-identified for them to carry out their research. They cannot find out the identity of any individual, unless that person has given their explicit consent for this before the research takes place. Access to the data is granted for a duration of 12 months.

Integrity and Confidentiality
Personal data within CADRE will be processed by third party processors in a manner that ensures the appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Each project will also be supported by a Data Protection Impact Assessment that will systematically review all data processing activities related to the study, assess the risks to patients’ rights and freedoms, and suggest ways to reduce or eliminate these risks.

All assessments will be carried out by analysing the following key factors:

• What is the study’s purpose, is it needed, and how will it improve health and care outcomes for young people;
• What is the legal basis for using the data;
• How is the data being stored;
• Will there be any data transfer;
• How is data accuracy and quality ensured;
• What are the security, integrity and confidentiality measures;
• What patient and public involvement has taken place.

Your Rights Under Data Protection Laws 
Each participating organisation across CADRE will ensure that:

• Their staff know how to identify and deal with both verbal and written data requests from service users;
• Appropriate resources are in place to handle these requests;
• All requests are adequately logged and updated to track the handling of each request;
• All requests are complied with on time and in a way that meets individual expectations and statutory timescales;
• Appropriate systems and procedures are in place to change inaccurate information, add additional information to incomplete records or add a supplementary statement where necessary;
• Appropriate methods and procedures are in place to delete, suppress or otherwise stop processing personal data if needed;
• Appropriate methods and procedures are in place to restrict the processing of personal data if needed.

Each party must also give reasonable assistance to any other parties to enable them to comply with any requests received or to respond to queries or complaints from data subjects. To know more about your rights, please refer to the privacy notices in Resources.