Error message

Deprecated function: The each() function is deprecated. This message will be suppressed on further calls in menu_set_active_trail() (line 2405 of /homepages/3/d274688683/htdocs/devdrupalseven/includes/

SHIP Triage Process

Understanding SHIP's proportional authorisation process

The SHIP triage process is the process carried out by the SHIP Research Co-ordinator after a data access application has been submitted to them and after the data controller has set any conditions for access. The Research Co-ordinator will examine any privacy risks which could arise from your proposed data access and use and will assign a privacy risk category to your application accordingly. The fewer concerns that are raised, the lower the privacy risk category that will be assigned.

There are 5 key elements of risk which the SHIP Research Coordinator will use to assign a privacy risk category to a researcher’s data access request Each of these will be given due consideration in any risk assessment. They are:

  1. Privacy (the likelihood of breach)
  2. Impact of any privacy breach
  3. Reputational impact for data controllers
  4. Research motive
  5. Public expectations including the public interest in your research project

Alongside these risks, 5 core concerns must also inform any privacy assessment, in essence any relevant considerations pertaining to the application will fall under the following 5 concerns and thus they should be kept in mind at all times :

  1. Public interest- is there a public interest in your research project?
  2. Safe data- is the data you propose to access safe and secure, e.g. has it been or can it be anonymised?
  3. Safe people- have you attained SHIP approved research status?
  4. Safe environment- is a SHIP Safe Haven being used? Or if there is to be data travel are adequate security measures in place?
  5. Relative risks- what are the risks associated with your proposed data access? What measures could be taken to combat these risks?

After these core elements of risk and concern have been assessed by the Research Coordinator, the application will be given a privacy risk category. The fewer concerns that are raised by the proposed data access and use the lower the privacy risk category that will be assigned to the access request.

Consequences of risk categorisation

The consequences of an application being assigned a particular the risk category assigned are threefold:

  • This determines the authority responsible for authorising the data use.  For categories 0 and 1 approval will be given by SHIP, for category 3 a ‘fast track review’ will be conducted by the national Privacy Advisory Committee (PAC), and for category 4 a full review will be conducted by PAC.
  • The lower the risk category,  the more likely it is that the researcher will be granted data access and that access will be granted quickly.
  • The lower the risk category, the fewer the additional conditions that may be attached to the data use.

These are summarised in the following table:


Examples of applications that might be categorised as 0 or 1:

  • Application for linkage which is non-disclosive and non-sensitive and for which a SHIP Safe Haven will be used.
  • Application is for a particular linkage in keeping with broad purposes already approved between SHIP and trusted researchers for a long-term project, e.g. the Scottish Longitudinal Study.
  • Application is for a non-contentious extension of a previously approved linkage.

Examples of applications that might be categorised as 2:

  • Applications for which moderate risks or concerns have been highlighted from the privacy risk assessment.
  • Repeat requests from multiple sector/international researchers who are able to demonstrate a trusted track record with respect to SHIP.
  • Applications for non-sensitive and non-disclosive data but where a SHIP Safe Haven is not to be used.

Examples of applications that might be categorised as 3:

  • Applications where there has been a failure to satisfy e.g. that the application is in the public interest or where there as possible concerns to the wider reputation of the data controller.
  • Applications where concerns have been highlighted during the privacy risk assessment.
  • Requests for multiple sector/international researchers for the first time.

Return to top of page

Return to Glossary