International Data Protection Day 2026: How we work with data
At Smart Data Foundry we make private sector financial data accessible and discoverable to researchers, policy influencers and public sector organisations. By responsibly sharing this data, we aim to enable research and policies which can address critical social challenges such as poverty, inequality and economic wellbeing.
Using information about people in a legally compliant, secure and effective way is a key step towards building positive impacts for the people and communities to whom that information relates.
Fairness and transparency, through our use of privacy and cookies notice information, and our research ethics assessment process we help to build trust.
Using information for defined and specific purposes helps us to align those uses to the real changes we would like to support happening.
Minimising the information we use to what is strictly necessary for our purposes reduces the risk to people’s privacy, helping to build trust and confidence.
Understanding the quality of our information ensures it can be used for research and data product curation with confidence, with any potential for negative impacts, such as discrimination, eliminated or mitigated.
Being clear about how long we need to use and store information means we can secure it appropriately, and meet people’s information rights more readily.
Ensuring we have the training, technologies and procedures in place to protect the confidentiality, integrity and availability of our information supports our very foundations.
Through our record-keeping, and our portfolio of documented policies and procedures, we are developing an evidence base of strong data protection and ethical compliance from which we can build trust with the public and our stakeholders.
How does Smart Data Foundry work within the Five Safes Framework?
We are committed to responsible data sharing, which is the practice of sharing data in a way which complies with the law and prioritises ethical considerations, data minimisation and risk mitigation. Compliance with best practices such as the Five Safes Framework helps us to do this.
The Five Safes Framework is a set of principles which enable data services to provide responsible access to data for research purposes and ensure that data is used for public good. Originally developed by the Office for National Statistics (ONS) in the 2010s, it has evolved into a widely used framework for responsible data sharing for research and policy purposes.
Five Safes Framework | How Smart Data Foundry complies |
|---|---|
Safe data Data is treated to protect any confidentiality concerns. | The data we receive is already de-identified, and we check this to ensure that data are effectively anonymised before being made available for approved projects. |
Safe projects Research projects are approved by data owners for the public good. | Research projects must fit with the uses agreed with data partners. We carry out an assessment to confirm this, and also to check that they align with the public good, and that ethical and legal requirements are satisfied. |
Safe people Researchers are trained and authorised to use data safely. | Researchers have to complete data protection training and training on how to use the Trusted Research Environment (TRE), and pass independent clearance checks before being granted access to the data. |
Safe settings A Trusted Research Environment prevents unauthorised use. | Micro-level data is only accessible via the Trusted Research Environment. Data Collections, which aggregate data based on certain characteristics, can only be accessed by request on the secure MyFoundry platform. |
Safe outputs Screened and approved outputs that are non-disclosive. | We check outputs to ensure that they are anonymous and that individuals cannot be reidentified. |
Data protection is essential for building trust with our users, partners and the public
Complying with data protection legislation is more than just a compliance requirement. We hope that getting it right will help us to demonstrate that we can be trusted in our work to enable impactful research and inform decision-making through unlocking financial data.
This year we are using Data Protection Day as an opportunity to remind our staff of the responsibilities we have under data protection legislation. We will be reminding them to ensure that we manage our records robustly and secure the information with which we are trusted effectively. We want to ensure that come next International Data Protection Day, our data protection framework remains compliant.
