10. Secure shared data proportionately

Continuity principle

Statement

We secure shared data based on the level of risk associated with its use.

Why does this matter?

Preserving the confidentiality, integrity, and availability (CIA) of data is critical to protect operational outcomes of data projects. Confidentiality ensures that only authorised parties can access sensitive information, protecting individuals’ privacy and organisational secrets. Integrity guarantees that data remains accurate and unaltered during sharing processes, maintaining trust in the data’s reliability. Availability ensures that data is accessible when needed by those with legitimate access, supporting timely decision-making and service delivery.

By design, data sharing initiatives involve making data more available than before, presenting additional CIA risks.

However, making proportionate security decisions is key: failing to share data in time often carries significant risks of its own, and these must be weighed against the risks of sharing. Applying proportionate security also avoids overburdening data sharing systems with excessive or complex controls where the risks of not sharing data are acute. A proportionate approach to security allows data to be shared efficiently, supporting better decision-making and public service outcomes while still safeguarding the interests of all stakeholders involved.

How do we do this?

We should apply the government’s security guidance detailed in the Personal Data Security Principles, the Technology Code of Practice (Point 6) and the Service Standard (Point 9) to our data sharing initiatives.

Data providers should:

  • Clearly identify CIA risks involved in sharing certain data.
  • Minimise attack surfaces of shareable data by avoiding excessive data transfers, working with data consumers to understand the minimum set of data they require, and anonymising or pseudonymising data where possible before sharing.
  • Ensure any contracted third-party processors of shared data understand their responsibilities for managing security risks.
  • Ensure that every shareable data asset has an accountable owner.
  • Prepare data assets for processing with Privacy-Enhancing Technologies where necessary.
  • Reduce the use of common identifiers across data sets for the purposes of matching.
  • Protect vulnerable and at-risk individuals whose data is shared in the event of a data breach.
  • Ensure that those processing shared data have the skills and appropriate clearance to securely handle it.

Data consumers should:

  • Clearly identify the risks of not receiving certain shared data.
  • Work with data providers to ensure the minimum amount of personal data is provided to meet further processing requirements.
  • Ensure any contracted third-party processors of shared data understand their responsibilities for managing security risks.
  • Seek permission from data providers before using identifiers to match data records.
  • Ensure that those processing shared data have the skills and appropriate clearance to securely handle it.

Data sharing enablers should:

  • Help data providers and data consumers weigh up the risks of sharing and not sharing certain data.
  • Help data providers minimise the attack surface when sharing personal data and consider federated sharing approaches first (Principle 2).
  • Ensure all parties in the data sharing supply chain understand their responsibilities for managing security risks.
  • Implement appropriate data security controls around data sharing processes, such as encryption, logging and attribute-based access controls.
  • Consider using Privacy-Enhancing Technologies when simpler controls are not appropriate.
  • Ensure that vulnerable and at-risk individuals receive the same level of data sharing service as everyone else.
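The following is an added worked example, not code from the original principle page, showing how several of the controls listed above for data providers and enablers fit together in one release step: data minimisation (only the fields the consumer has justified are released), pseudonymisation with a keyed hash scoped to a single sharing agreement (so the same person does not carry a common identifier across data sets), an attribute-based access check before release, and an audit log entry for every release or refusal. The sample records, the agreement name `agreement-0042`, the field names and the clearance ranking are all constructed for this example; a real deployment would hold the agreement key in a key management service rather than pass it in as a bytes value.

```python
"""Added example: proportionate controls on one data-sharing release.
Everything here (records, agreement, consumer attributes) is constructed."""
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Constructed extract from a hypothetical provider system (not real people).
SOURCE_RECORDS = [
    {"person_id": "P-000123", "name": "A. Example", "postcode": "SW1A 1AA",
     "date_of_birth": "1980-04-02", "referral_reason": "housing"},
    {"person_id": "P-000456", "name": "B. Example", "postcode": "M1 1AE",
     "date_of_birth": "1975-11-20", "referral_reason": "benefits"},
]

# Constructed sharing agreement: "fields" is the minimum set the consumer
# justified; "policy" is the attribute set a consumer must present.
AGREEMENT = {
    "id": "agreement-0042",  # placeholder agreement identifier
    "fields": ["person_id", "postcode_district", "referral_reason"],
    "direct_identifiers": ["person_id"],
    "policy": {"purpose": {"housing-support"}, "min_clearance": 1},
}

# Constructed clearance ordering used by the attribute-based check.
CLEARANCE_RANK = {"none": 0, "official": 1, "official-sensitive": 2}


def pseudonymise(value: str, agreement_id: str, key: bytes) -> str:
    """Keyed, agreement-scoped token for a direct identifier.

    The agreement id is mixed into the message and the key is issued per
    agreement, so the same person gets a different token under each sharing
    arrangement and tokens cannot be recomputed without the key."""
    msg = f"{agreement_id}:{value}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:32]


def minimise(record: dict, agreement: dict, key: bytes) -> dict:
    """Keep only the agreed fields, generalise where the agreement asks for a
    coarser value, and pseudonymise any direct identifier that remains."""
    out = {}
    for field in agreement["fields"]:
        if field == "postcode_district":
            # Generalisation: outward code only (constructed rule for the example).
            out[field] = record["postcode"].split(" ")[0]
        elif field in agreement["direct_identifiers"]:
            out[field] = pseudonymise(record[field], agreement["id"], key)
        else:
            out[field] = record[field]
    return out


def authorised(consumer: dict, policy: dict) -> bool:
    """Attribute-based access check: the stated purpose must be one the
    agreement permits and clearance must meet the agreement's minimum."""
    rank = CLEARANCE_RANK.get(consumer.get("clearance"), 0)
    return consumer.get("purpose") in policy["purpose"] and rank >= policy["min_clearance"]


def release(records: list, agreement: dict, consumer: dict, key: bytes, audit_log: list) -> list:
    """Check access, minimise and pseudonymise, and log the outcome.

    Refusals are logged as well as releases so the audit trail shows who
    asked for what, not only what left the organisation."""
    entry = {
        "time": datetime.now(timezone.utc).isoformat(),
        "agreement": agreement["id"],
        "consumer": consumer.get("org"),
        "purpose": consumer.get("purpose"),
        "records": 0,
        "outcome": "refused",
    }
    if not authorised(consumer, agreement["policy"]):
        audit_log.append(entry)
        raise PermissionError(f"{consumer.get('org')} not authorised under {agreement['id']}")
    shared = [minimise(r, agreement, key) for r in records]
    entry.update(records=len(shared), outcome="released")
    audit_log.append(entry)
    return shared


if __name__ == "__main__":
    demo_key = bytes(32)  # placeholder; a real key comes from a key store
    log = []
    consumer = {"org": "council-x", "purpose": "housing-support", "clearance": "official"}
    print(json.dumps(release(SOURCE_RECORDS, AGREEMENT, consumer, demo_key, log), indent=2))
    print(json.dumps(log, indent=2))
```

The released records carry no name, date of birth or full postcode, and the `person_id` token is only meaningful to the parties holding this agreement's key; a consumer who wants to match records against another data set has to come back to the provider for permission, which is the point of Principle 10's "seek permission before matching" line.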