A Programme of Trust
SAIL Databank exhibits the most robust governance protocols available that provides reassurance to policymakers, researchers and the public. Our accreditations demonstrate our commitment to both securing data and our continuous improvement of our information security management system and associated controls.
This commitment helps develop and maintain trust with our various data providers and gives reassurance to researchers and the public alike. SAIL Databank operates a Trust Programme which means all our documentation and policies are regularly reviewed for compliancy and relevance with these strict protocols. Our Trust Programme also dictates that SAIL Databank operates with full transparency and makes all these documents available to the public, together with the record of our compliance audits.
ISO 27001
ISO 27001 is an internationally recognised best practice standard for an information Security Management System (ISMS). An ISMS is a framework of policies and procedures that include all legal, physical and technical controls that an organisation has in place to secure information / data throughout its lifetime.
The SAIL Programme has implemented an ISO 27001 Information Security Management System (ISMS), which was externally certified by independent industry assessors in December 2015.
UK Statistics Authority
Achieved in 2019, this important endorsement from the National Statistician and the Board of the UK Statistics Authority means that SAIL Databank is a recognised and trusted processor for the provisioning, storing, matching, linking and anonymisation of data.
This strand of the Digital Economy Act 2017 (part 5) aims to ‘provide accredited researchers with better access to de-identified public sector data to support research projects for the public good’.
Cyber Essentials
Achieved in 2021, Cyber Essentials accreditation further demonstrates SAIL Databank’s commitment and robust safeguards to protect its users and data providers from cyber attacks. Certification by this government-backed, National Cyber Security Centre scheme, protects against a wide range of cyber attacks.
Achieving the Cyber Essentials standard also acts as an effective deterrent to cyber criminals probing for vulnerabilities, ‘the digital equivalent of a thief trying your front door to see if it’s unlocked.’ This is an important reassurance for our users who conduct centrally funded research projects, as government and public body contracts often require Cyber Essentials certification for their IT infrastructure.
Certification number: IASME-CE-020924
