SATRE Working group meeting 27th Feb: Input

[crickpetebarnsley]

Summary

SATRE Working group meeting 27th Feb

Source

Personal Collaboration Cafe input

Detail

Hope this input helps:
In summary
• Accreditation requires this to be recognised elsewhere. If this is done then Top priority
• Otherwise Sector specific requirements is most important and logical focus
• Governance is subordinate to accreditation conclusion and possibly sector specific
• No support needed – just orgs having the impetus and reason for doing the assessment

Some thoughts as input against the topics in the agenda:

• Sector specific needs in SATRE, for example are there SDE specific requirements?
  • I think there are SDE related things that are specific to SDEs and not TREs, some are specific to TREs and not SDEs and some are shared. It is nuanced and not simple split, but in essence, for example, things around “Safe Data” is shared but “Safe People” and “Safe Projects” is more TRE than SDE.
  • I think effort here is highest priority

• What do institutions need from us to evaluate their TREs, and what is missing from SATRE?
  • I did not need anything, the template had enough richness in the descriptions, and the tool clear. The only thought was overlap and connections between sections. But there would always be such overlaps and connections regardless of how the things would be listed / classified.
  • I think effort here would be less priority.

• Governance of SATRE, and should it be a foundation for a larger TRE network?
  • What would drive a change to the specification – other than sector specific (SDE vs TRE) needs.
  • I think that the UK TRE community may uncover a need to manage change.
  • How this specification gets adopted and influences other policy and investment decisions is very important. This I think is under “Offical Accreditation below
  • Thus I see this a less priority

- Official accreditation
• How would this (and any other specification) influence policy and investment decisions? This is a key question and the top priority.
• For that to be true then we need bodies that have this accountability (HDR UK / DARE UK) to step into making such actions happen and deploy a national infrastructure (using federation where necessary).
• We are already seeing NHS SN-SDE and similar organisations specify a set of accreditations needed to operate as a “TRE” (DEA / DSPT). Adding more is not helpful unless they fit together and cover different parts.

1. • o SDEs and TREPs and Project TREs are separate things and would have separate parts to play – as organisations can take up all or separate parts of these things.
2. • o So we need to have an understanding of the whole landscape of components before we can put the accreditation parts in place – otherwise we will / may miss the accreditation of the flows between the parts.

Intended Output

Support the discussions of the working group meeting on 27th Feb 2024

Who can help

No response

[willc-RISG]

All good stuff, and need to unpick SDE, TRE (both the research platform and specific project workspaces) is clear. On the last point re. official accreditation, the NHS SDE network is working on this now. Update of DEA is likely to be some way off (elections and all that) but alignment will be with ISO27001/DSPT etc and they are aware of and likely to align to SATRE (which is helpful). Emily Almond is leading from NHSE - I can sort contact if useful.

[drchriscole]

Thanks for opening the issue.

Following discussions at the 27th Feb event and informal discussions at the HDR UK Conference 5-6th March, it seems to me that SATRE is already being used as a de facto standard in quite different scenarios. I agree - and was also discussed - that some form of recognised "ownership" is required for accreditation to mean anything.

There's also a mapping exercise required to see where the "fit" is between ISO27001/DEA/DSPT and SATRE. When we spoke UK Stats they were keen on that.

@willc-RISG what is it that Emily Almond is leading? I don't quite follow.

[willc-RISG]

Emily is leading the NHS SDE accreditation piece. This is likely to be strongly aligned to 27001. I can put you in touch if helpful? Will Sent from Outlook for iOS<https://aka.ms/o0ukef>

…

________________________________ From: Chris Cole ***@***.***> Sent: Friday, March 8, 2024 4:46:47 PM To: sa-tre/satre-specification ***@***.***> Cc: Will Crocombe ***@***.***>; Mention ***@***.***> Subject: Re: [sa-tre/satre-specification] SATRE Working group meeting 27th Feb: Input (Issue #310) Thanks for opening the issue. Following discussions at the 27th Feb event and informal discussions at the HDR UK Conference 5-6th March, it seems to me that SATRE is already being used as a de facto standard in quite different scenarios. I agree - and was also discussed - that some form of recognised "ownership" is required for accreditation to mean anything. There's also a mapping exercise required to see where the "fit" is between ISO27001/DEA/DSPT and SATRE. When we spoke UK Stats they were keen on that. @willc-RISG<https://github.com/willc-RISG> what is it that Emily Almond is leading? I don't quite follow. — Reply to this email directly, view it on GitHub<#310 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AX333ZUKO2D2ZKSHTZXNT6DYXHTPPAVCNFSM6AAAAABD2ULVGGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSOBWGA2DAMBSHA>. You are receiving this because you were mentioned.Message ID: ***@***.***>