The world of research is at an inflection point. On one hand, data-driven insights can transform patient care, accelerate drug discovery, and improve public health policies. On the other hand, privacy concerns, regulatory constraints, and fragmented data sources hinder progress. According to a 2018 survey, “Concerns about misuse of data is the main reason people are concerned about sharing their datasets.” [1]
How do we strike the right balance between security and innovation? The answer is Trusted Research Environments (TREs), Secure Data Environments (SDEs), or Data Safe Havens — platforms that provide a trusted space where researchers can access and analyse health data without compromising security, privacy, or compliance.
“A Trusted Research Environment provides a secure space where Real-World Data can be accessed and analysed without compromising privacy. In pharmaceutical and life sciences research, it enables advanced analytics on large datasets, supporting drug development, safety monitoring, and evidence-based decision-making—all while ensuring data security and regulatory compliance. Turning data into knowledge, safely and responsibly!”
– Åsa Carlsheimer, Data Science and Analytics, BC Platforms.
Leveraging Real-World Data’s Potential While Safeguarding Patient Information
The “trust” in Trusted Research Environments cannot be assumed—it must be earned through rigorous safeguards and accountability. As a BMJ analysis highlights: “Trust should be built on transparency, governance, and accountability—not assumed as a given in the name of the environment itself.” [2]
As secure computing platforms, TREs allow approved researchers to work with sensitive datasets in a fully governed setting. Unlike traditional data-sharing models that require duplication or extraction, TREs keep data centralized, minimizing the risk of unauthorized access or breaches while providing researchers with a seamless experience to access analytical tools and diverse datasets.
Data custodians—such as hospitals, biobanks, and research institutions—play a crucial role in ensuring these datasets remain securely stored, governed, and accessible only to authorized users [3]. Given that “data sensitivity was mentioned most often, accounting for 66% of concerns raised by medical researchers” (Stuart et al., 2018), TREs offer a privacy-first approach that reassures both patients and stakeholders that health data is used responsibly.
A lack of standardization is a critical issue, as highlighted in the International Journal of Population Data Science (IJPDS): “Interoperability remains a major barrier to seamless health data sharing. Without standardized frameworks, researchers struggle to collaborate across TREs.” [4]
By enabling secure collaboration and reducing inefficiencies, TREs empower researchers to extract insights faster and drive scientific breakthroughs. They also align with stringent regulatory frameworks like GDPR and HIPAA, ensuring ethical and lawful data use in research.
Regulation of TREs varies by jurisdiction. In Europe, GDPR governs compliance with national health data access laws, while the European Health Data Space (EHDS) aims to create a unified legal framework for secure health data use across member states. In the US, TREs must adhere to HIPAA regulations to uphold patient privacy.
Who Uses TREs and Why?
“TREs are essential for unlocking the full potential of Real-World Data, enabling researchers to collaborate across institutions while ensuring privacy-first, federated access.” [5] Who uses them?
- Healthcare institutions: Hospitals, research centres, and public health organizations use TREs to analyse patient data securely, supporting clinical research, epidemiological studies, and evidence-based decision-making.
- Pharmaceutical companies: TREs allow pharma organizations to conduct real-world evidence studies, identify potential clinical trial participants, and gain insights into drug efficacy without compromising patient privacy.
- Researchers: Universities and independent research bodies use TREs to access high-quality datasets for genomics, epidemiology, and personalized medicine studies.
- Government and Regulatory agencies: National and regional agencies leverage TREs to monitor public health trends, evaluate healthcare policies, and improve patient outcomes.
BC Platforms’ TRE Solution
While TREs enhance data security, cross-platform interoperability remains a challenge. According to a PHG Foundation report: “Researchers accessing multiple TREs must navigate complex governance structures, ethics approvals, and data use agreements, causing delays in research.” [6]
BC Platforms’ TRE solution is designed to provide seamless, privacy-preserving access to high-quality health data while ensuring compliance with stringent regulatory frameworks such as GDPR, HIPAA, and ISO 27001. “By leveraging cloud-native architectures, TREs can scale dynamically, allowing institutions to support growing research demands without compromising security or regulatory compliance.” [7]
By integrating federated data discovery, advanced data management, and secure researcher workspaces, our platform eliminates the risks of data duplication or unauthorized access. Researchers can explore and analyse datasets without moving or copying them, thanks to our federated approach, while administrators retain full control over governance and compliance. Our cloud-agnostic TRE architecture is built for scalability and flexibility, enabling deployment across:
- On-premises environments for institutions with strict data residency requirements
- Hybrid configurations that balance local control with cloud-based scalability
- Public cloud infrastructures, including Azure, AWS, and GCP, under customer-managed or fully managed SaaS models
Our platform ensures elastic computing power, optimizing resources based on workload demands. End-to-end encryption and role-based access controls provide robust data security, while our airlocked secure virtual desktops prevent data leakage.
Ready to transform your research with a TRE? Contact us today to explore how BC Platforms can support your journey toward a more connected and impactful health research ecosystem: https://www.bcplatforms.com/contact
The European Vision for Secure Health Data Sharing: the Path to an EHDS-Ready Future
If we zoom in on Europe, a significant transformation is underway. The European Health Data Space (EHDS) initiative is poised to redefine the landscape of health data sharing, establishing a trusted, interoperable framework for cross-border research and innovation. “As regulations like GDPR and EHDS evolve, TREs will become the standard for ethical, secure, and scalable health data research across borders.” [8]
BC Platforms’ EHDS-ready TRE is designed to support this vision, ensuring compliance with evolving European regulations. By enabling seamless data sharing across member states while maintaining robust privacy protections, our solution empowers:
- Healthcare institutions to collaborate on large-scale studies and drive clinical advancements.
- Pharmaceutical companies to conduct regulatory-grade research and optimize drug development pipelines.
- Public health agencies to monitor disease outbreaks and shape effective health policies.
This new era of health data collaboration will accelerate scientific discoveries, improve patient outcomes, and position Europe as a global leader in secure and ethical health data research.
Learn more about our EHDS-ready TRE: https://www.bcplatforms.com/ehds
Notes:
[1] Springer Nature Survey Data, Research Data: Challenges and Opportunities for Japanese Researchers https://doi.org/10.6084/m9.figshare.6609056.v1
[2] Laurie, G., & Jones, K. (2022, September 5). Why Trusted Research Environments Are Not About Trust. BMJ Medical Ethics Blog. https://blogs.bmj.com/medical-ethics/2022/09/05/why-trusted-research-environments-are-not-about-trust/
[3] “A TRE ensures that sensitive data remains within a controlled environment, allowing researchers to run complex analyses while maintaining strict governance and security policies.” — Raman, B., Samal, A., Johnston, S., & Ravichandran, V. (2024, December 18). Integrating Research and Engineering Studio in Trusted Research Environments built on AWS. AWS HPC Blog. https://aws.amazon.com/blogs/hpc/integrating-research-and-engineering-studio-in-trusted-research-environments-built-on-aws/
[4] IJPDS. (2023, November 8). Bridging the Gap to Unite Trusted Research Environments. https://ijpds.org/news/08-11-2023-bridging-the-gap
[5] Lifebit (2023, March 23 ). The Complete Guide to Trusted Research Environments in 2024. https://www.lifebit.ai/trusted-research-environment/complete-guide-2024
[6] PHG Foundation. (2024, November). The Federation of Trusted Research Environments for Genomics and Health. https://www.phgfoundation.org/app/uploads/2024/11/The-federation-of-trusted-research-environments-for-genomics-and-health-.pdf
[7] Raman, B., Samal, A., Johnston, S., & Ravichandran, V. (2024, December 18). AWS HPC Blog. https://aws.amazon.com/blogs/hpc/integrating-research-and-engineering-studio-in-trusted-research-environments-built-on-aws/
[8] Lifebit (2023, March 23). The Complete Guide to Trusted Research Environments in 2024. https://www.lifebit.ai/trusted-research-environment/complete-guide-2024
