For healthcare systems
Our approach
Comprehensive analysis of de-identified and anonymised patient data using machine learning has the potential to improve patient care, accelerate the discovery of new medicines, better understand and treat disease, and reduce costs.
Under our collaborative Strategic Research Agreement model we ensure healthcare systems retain full control of their anonymised patient data.
About Strategic Research Agreements
Sensyne Health collaborates with public and private health systems under Strategic Research Agreements to combine clinical artificial intelligence with ethically-sourced, de-identified and anonymised patient data to advance medical research.
We work closely with leading clinicians in our partner health systems to understand the patient journey on a clinical pathway, and how the different data sets available within each health system link to these pathways. This enables us to contextualise specific research questions and understand how the different data sets can be optimally analysed to provide solutions that support meaningful research.
How health systems benefit
Through processing ethically sourced de-identified and anonymised data we ensure that health systems and their patients benefit by:
Advice
Access to clinically led expertise in machine learning team.
Curated data
Development of structured, curated, contextualised data.
Data analysis
Data analysis to answer key health system questions in medical research, patient care and operational efficiency.
Collaboration
The creation of a link between the life sciences industry and health system clinicians.
Revenues
Value and a financial return.
FAQs
"Anonymised Data" is defined in Recital 26 of the GDPR as anonymous information, namely information which does not relate to an identified or identifiable natural person or to personal data rendered anonymous in such a manner that the data subject is not or no longer identifiable. Recital 26 goes on to provide that the GDPR and its principles of data protection does not therefore concern the processing of such anonymous information, including for statistical or research purposes. The ICO defines "anonymisation" as the process of stripping personal data of sufficient elements that mean the individual can no longer be identified.
For the data to be considered anonymous, it should not identify any individual and should be unlikely to allow any individual to be identified through its combination with other data.Sensyne Health manages risk in the processing of data using a certified Quality Management System (ISO13485 - Medical Devices Quality Management Systems and ISO27001- Information Security Management Systems) to ensure the safeguarding of data by implementing physical and digital controls and procedures from the data source through to transport, storage, analysis and disposal of anonymised data. Information Security compliance is ensured by means of external certification to ISO27001, which includes specific requirements dictated by GDPR and by internal procedures that address further defined requirements mandated by data protection legislation and security management system.
Sensyne Health is registered with the ICO (Information Commissioner’s Office) as required by GDPR and DPA 2018 (registration number ZA451278).
At the time that we make a request to an SRA partner health system for anonymised patient data, we submit a document to the health system containing specific key information concerning the request, in accordance with an agreed information governance framework and standard operating procedures. Our governance work with the health system is based upon and designed to satisfy the Caldicott Principles for data sharing and relevant data governance legislation such as GDPR. There are two distinct types of data requests that we can make:
- A data processing request (“DPP”) outlines the data we are requesting, our intended purpose for analysing the anonymised patient data, the potential patient benefit we expect to arise from our analysis of the data and clear descriptions of the retention and deletion of the data. If the health systems’ Caldicott Guardian/DPO is satisfied with the information provided, he/she approves the request for transfer of the anonymised patient data. Every approved request is logged and filed within the Sensyne Health Quality Management System, for audit purposes and in the interests of transparency.
Authorised personnel at the health system will then extract the requested data from their systems and undertake an anonymisation process on the data, designed to create an anonymised dataset which contains no patient identifiable information. After the anonymisation is completed by the health system, the anonymised patient data is then transferred to Sensyne Health under encryption. We then apply further anonymising techniques when we receive the data and before undertaking any analysis.
We would be happy to provide an example DPP to prospective SRA partner health systems on request. - An Aggregate Information Request (“AIR”) is submitted when we require information about the dataset, such as queries concerning aggregate/summary/metadata information; for example, requests of the number of patient records that contain a measurement of a specific vital sign, or requests of number of patients with a specific condition. These requests do NOT require a signature from the health systems’ Caldicott Guardian/DPO, as the risk from a data protection perspective is minimal and is information that could otherwise be obtained with a simple FOI (Freedom of Information) request. We choose however, to formalise AIRs and log them as part of our own process.
The 6 GDPR principles listed in Article 5 are embedded in the process we use:
- lawfulness, fairness, and transparency
- purpose limitation
- data minimisation
- accuracy
- storage limitation
- integrity and confidentiality
Sensyne’s primary position is that it will only ever analyse from the health system datasets that have been de-identified and anonymised in accordance with current ICO guidance on anonymisation, these therefore do not constitute personal data under GDPR Article 4 (1)
Notwithstanding this primary position, Sensyne imposes an additional layer of information governance, including a Data Processing Agreement (DPA) to support the Strategic Research Agreement (SRA) to address the situations where the datasets analysed from the health system are either (a) not properly anonymised in accordance with ICO guidance or (b) capable only of being pseudonymised in accordance with the ICO guidance (for example in the case of very small datasets in rare diseases where the appropriate health system approval would be requested).
For this reason, we predominantly provide a DPA which attributes joint controller status, in accordance with Article 26 of the GDPR, to the health system and Sensyne for the purposes of the SRA and with respect to the processing of this data. Data is reviewed by Sensyne’s Information Governance Team before being released to Sensyne’s data scientists. Should data in the dataset sent to Sensyne Health be found not to be anonymised, Sensyne Health’s Information Governance team will immediately quarantine and delete the affected records or part thereof. Sensyne will document each step of the foregoing process and file it within Sensyne’s QMS and inform the Trust of the affected records or any part thereof. If requested, Sensyne will provide the details of the QMS records to the health system.
Once the partner health system has agreed to the data access request, extracted the data and de-identified and anonymised it, the anonymised patient data is encrypted by the health system and transferred to Sensyne Health via SFTP (secure file transfer protocol) for our teams to analyse.
All anonymous patient data transferred to Sensyne Health is stored and processed within ISO 27001 certified secure data center environments.
Network access to such networks is restricted via strict Firewall rules, NACLs (Network Access Control Lists), VPN connection and Bastion jump boxes. All Sensyne Health IT environments have multiple network access controls in place. Access to de-identified and anonymised patient data is managed centrally by our IT Team and governed by our ISO certified QMS (quality management system) and IG (information governance) process. All network activity and network traffic flow within secure environments is monitored and controlled. Specific workstations within Life Sciences have controlled access to such data.
Sensyne Health uses Microsoft Azure for its cloud storage and processing environment, which offers greater flexibility, ease of data sharing and transfers, greater resiliency, and a continued robust security infrastructure.
All data will be de-identified and anonymised and include only the minimum required amount of data necessary. Sensyne will be contractually required to access and analyse data within the highest standards of responsibility and obligation as per the contractual arrangements within the SRA and DPA.
The Azure environment offers improved speed-to-care, provision of cleansed and standardised datasets to improve clinical decision making for patient pathways. This model also offers:
- End-to-end encryption providing a flexible and hyper-secure environment that can scale with Trust data and computation requirements to drive continuous innovation for Clinical Care
- Creation of a JITD (Just in Time Data) Model that aligns with your clinical workflows to continuously drive efficient and improved standards of care
- Ability to leverage a common data model aligned to OMOP and the common healthcare ontology
- Enhance Trust R&D capabilities and catalyse Patient Care and Innovation
- Automate and secure data sharing with Azure Data Share to control what you share, gain visibility into your data sharing agreements aligned to an agreed term of use
- Common Data Model with improved standardisation promoting flexible analysis and intelligence delivery of own Trust data
In addition to the ISO, Data Protection and NHS Digital Data Protection and Security standards that Sensyne aligns to, Microsoft Azure is compliant with the following UK and global standards:
- ISO: 20000-1:2011 | 22301 | 27001: 2013 | 27017 | 27018 | 27701 | 9001 | 13485
- Cyber Essentials Plus
- DPP
- FACT (Federation Against Copyright Theft)
- G-Cloud
- CIS Benchmark
- CSA-STAR Attestation / Certification / Self-Assessment
- PCI DSS
- SOC
- WCAG
- CDSA
- PCI DSS
- Shared Assessments
- TruSight
Sensyne’s robust Cyber Security framework, MFA (Multi-factor authentication), conditional access controls and Data Loss Prevention methodologies ensure not only that only permitted employees have access to Healthcare organisation data within the Azure environment but also access is restricted to trusted devices and locations. Sensyne Health is able to ensure service provision continuity and complete end-to-end security and protection built on the robustness and security principles of Microsoft Azure. The advanced infrastructure and security capabilities of Microsoft Azure enable greater flexibility and scalability of services whilst providing cutting edge security capabilities.
Raw patient level data will not be shared with a pharma client. Sensyne Health data scientists and biostatisticians will have access to the raw de-identified and anonymised data for analysis and must do so from a secure network where the data is held for the duration of the analysis.
Sensyne Health does not sell anonymised patient data to any third parties.
Sensyne Health works to create potential patient benefit from the analysis of de-identified and anonymised patient data in a number of ways, including but not limited to:
- the creation of new AI and machine learning algorithms for clinical decision support or product features for digital health applications.
- facilitating the discovery of new therapeutic targets, or new insights supporting new applications for licensed medicines (repurposing, drug combinations, or extension of indications for analysis).
- the creation of direct clinical benefit arising from new biological insights, such as the creation of a new polygenic risk score or pharmacogenetic tool from patient genomic data.
- the analysis of real-world evidence to improve patient outcome measures and clinical pathways.
- the optimisation of clinical trial designs or reduction of trial costs.
Whenever a data request is issued to a health system, we expressly state our reason for requesting the data and the potential patient benefit we expect to arise from our analysis.
Sensyne Health is a British tax paying, publicly listed company. The Company is accountable for its compliance with appropriate ethical oversight and information governance, including conformance with NHS principles, GDPR and the UK Data Protection Act 2018 and other applicable regulatory requirements.
Sensyne Health is committed to the use of international standards for the management of the Company’s quality systems and regulatory framework. These include standards such as ISO27001 (information security management systems) and ISO13485 (principles and requirements for medical device manufacturing).
Our processes to ensure compliance with all the principles, regulations, requirements, and standards outlined above have been described in other sections of this document.
Sensyne Health was an early signatory to the Department of Health and Social Care’s ‘Initial Code of Conduct for data-driven health and care technology’. We also abide by the principles set out in the DHSC’s Guidance document: ‘Creating the right framework to realise the benefits for patients and the NHS where data underpins innovation’, published on 15th July 2019.
We are committed to transparency and hold ourselves to the highest levels of account across every aspect of our business.
The Data Processing Protocol (DPP) specifies data retention times after which Sensyne Health will destroy the data sets.
Sensyne Health works on a broad range of therapeutic areas, typically with the highest unmet medical need. We have programmes in respiratory, cardiovascular, neurodegenerative and immunological diseases and cancer, but are continually evolving our internal R&D programmes based on the needs of our partners, both health systems and pharmaceutical.
Commercial value is created by the application of Clinical AI technology and expertise to the data to generate novel insights. When a partner health systems’ de-identified and anonymised patient data is analysed to create commercial value, the health system will be entitled to a percentage royalty on the revenues calculated by reference to the proportion of their anonymised patient in the overall pool of data that helped to generate a new insight. This is in addition to the potential of equity ownership in Sensyne Health plc provided to health systems in consideration for entering into Strategic Research Agreements with the Company.
Our partner health systems now hold a significant number of the shares in Sensyne Health and have formed an Advisory Group to facilitate regular discussion with the company. We hope that the Advisory Group will:
- input into the future development and strategy of the company
- suggest collaborative research projects that would utilise Artificial Intelligence and Machine Learning capabilities for the benefit of patients
- provide the opportunity to share learning in IT infrastructure developments that enable future research strategy and help facilitate cross Trust research collaborations
Health systems that partner with Sensyne Health under Strategic Research Agreements (SRAs) are not restricted from using their patient data in any way. Sensyne Health does not require heath systems to enter into agreements which grant exclusive right of access to or analysis of raw data, either patient or operational data.
Sensyne Health is a signatory to the Department of Health and Social Care’s ‘Code of Conduct for data-driven health and care technology.’
Health systems that partner with Sensyne Health are not restricted from using their patient data in any way, either locally or nationally. In fact, Sensyne Health is working to help health systems improve the quality and curation of the data they have for the benefit of the health system audit, research, and quality improvement processes.
In order to obtain a longitudinal view of patients, Sensyne Health typically requires access to electronic data that includes prescribing data, demographic data, vital-signs, laboratory data, imaging data, genetic data (where available), procedures and diagnosis codes (usually expressed as ICD10-codes).
There is no minimum number of records required and we work with health systems to determine what is required and is possible, based on the specific requests we receive from our pharmaceutical partners.
Sensyne Health’s digital health applications include license provisions allowing us to extract both aggregated and de-identified and anonymised patient data for the purposes of operational and product improvements as well as for medical research purposes. In this case, anonymisation is done as part of an automated pipeline and stored securely in the same way as health system data.
Where a partner health system has licensed our digital health applications and has a Strategic Research Agreement (SRA) with Sensyne Health, data from the applications can be integrated into the health systems’ electronic patient record systems where technically possible; in this situation, Sensyne Health may request data from the applications linked to other health system data in the normal way under the SRA, as set out in the previous paragraph.
We work closely with partner health systems to try to ensure that the data extraction process minimally impacts the workload of health system staff. Overall, we put patient benefit at the center of what we do, and work with our partner health systems to ensure we are not putting undue pressure on their existing staff.
When a request from a pharma client or one of our internal R&D programmes defines the need for a data request, we draft an AIR or DPP which outlines the data needed to answer the question. This data request is shared with our key point of contact in the health system who then shares this with their clinicians for review. This also allows the clinicians to add in relevant research questions which they would like answered as part of the research study for consideration by the Life Sciences team.
With regards to a DPP, once this is final, it goes through IG approval from both Sensyne Health and the health system and data is extracted, de-identified and anonymised and shared via encryption, for analysis by Sensyne Health’s Life Sciences team. The outcomes from this analysis are finally shared with the pharmaceutical client.
The SRAs have an IT grant mechanism which can be drawn upon to fund additional IT resources to enable the creation and access to anonymised data sets within partner health systems.
We are interested in entering into separate Clinical Research Agreements (CRA) with health systems to develop clinical algorithms to provide real time clinical management support for clinicians across multiple conditions.
We provide IT investment funding within each SRA to pay for health system IT infrastructure development that will enable access to de-identified and anonymised data sets that may support future health system research programmes.
For programmes that we run, we work with the clinicians within the partner health systems to ensure we can advance their research objectives.
We can work with teams within partner health systems to use Sensyne Health’s Clinical AI expertise and technology to answer questions aimed at improving patient care or improving a health systems’ operational efficiency.
Sensyne Health operates in complete alignment with all 5 of the principles set out in the Guidance document, published on 15th July 2019:
- Any analysis of NHS data, including operational data, not available in the public domain must have an explicit aim to improve the health, welfare and/or care of patients in the NHS, or the operation of the NHS.
- NHS data is an important resource and NHS organisations entering into arrangements involving their data, individually or as a consortium, should ensure they agree fair terms for their organisation and for the NHS as a whole.
- NHS organisations should not enter into exclusive arrangements for raw data held by the NHS, nor include conditions limiting any benefits from being applied at a national level.
- Any arrangements agreed by NHS organisations should be transparent and clearly communicated in order to support public trust and confidence in the NHS and wider government data policies.
- Any arrangements agreed by NHS organisations should fully adhere to all applicable national level legal, regulatory, privacy and security obligations, including in respect of the National Data Guardian’s Data Security Standards, the General Data Protection Regulation (GDPR) and the Common Law Duty of Confidentiality.