Hima is the Data and Information Services Manager working for the Small Area Health Statistics Unit (SAHSU). SAHSU maintains a large data collection of administrative health and population-based data that are used for its research and surveillance programme to study trends in chronic disease and assess the risk to the health of the population from environmental factors at a small-area scale to protect the health of the population and to support improvements in health and care outcomes.
Some of Hima’s responsibilities are:
- Involvement at every stages of SAHSU’s Data Life Cycle Management from data acquisition, backup and recovery, data management and maintenance to data retention and secure destruction.
- Managing data throughout its lifecycle to support SAHSU’s requirements, risks, regulatory and legal requirements whilst ensuring transparency and accountability into data acquisition, creation, processing, linkage, maintenance, dissemination, and destruction of data.
- Defining policies and practices in line with relevant legislations and best practice guidance - ISO27001 standards for use of SAHSU’s protected health data which includes personally identifiable information, de-identified and anonymized data classed as secondary uses of data for its operational requirements.
- Undertaking the NHS Digital Data Security and Protection Toolkit assessment to provide data security and protection assurances to various stakeholders.
- Identifying training needs of service users regarding data and governance.
- Ensuring Information Governance best practices are embedded in the SAHSU’s work activities by creating and maintaining high-level awareness, profile and understanding of the strategic and practical importance of setting high standards regarding data handling and security.
- Writing data applications, reviewing and managing data sharing agreements from various data providers.
- Confidentiality Advisory Group - Health Research Authority and National Research Ethics Service (NRES) applications for SAHSU’s research database.
- Overseeing the handling, processing, including dissemination of de-identified data to service users in line with relevant legislations and best practice guidance.
- Establishing clear approach for data cleaning, processing, linkage and de-identification including methodologies and standards for data linkage and data de-identification.
- Developing and maintaining business processes for processing data, managing data requests, data extraction and analysis.
- Creating robust data models and systems to facilitate SAHSU’s operations whilst mitigating risks around legal, ethical and privacy considerations of health data.
- Ensuring only registered service users who have completed all mandatory IG and security training, signed the acceptable use policy, having been given the appropriate levels of access may access data relevant to their studies/project.
Most recent achievement is upgrading the SAHSU’s Secure Research Systems infrastructure and achieving ISO27001 accreditation working in collaboration with the IT Manager. Other achievements include involvement at every aspects of the data management life cycle, information governance, databases held in Secure Research Service environment with controlled access security; high work ethic and commitment to achieve objectives; proactive with proven ability to overcome challenges and improve processes to deliver results.
Piel FBJ, Brandon P, Hima D, Anna L H, Paul E et al., 2018, The challenge of opt-outs from NHS data: a small-area perspective, Journal of Public Health, Vol: 40, Pages: e594-e600, ISSN: 1741-3842
et al., 2021, Life expectancy and risk of death in 6,791 English communities from 2002 to 2019: high-resolution spatiotemporal analysis of civil registration data, The Lancet Public Health, ISSN:2468-2667
et al., 2020, Availability, access, analysis and dissemination of small area data, International Journal of Epidemiology, Vol:49, ISSN:1464-3685, Pages:i4-i14