Research Governance

Legally Trained Consultants

Compliance support for participating sites

We provide extensive support to public and private providers of health and social care, including General Practices (GPs), NHS Trusts, private hospitals and local authorities, that are asked to act as participating sites in health research studies sponsored or managed by commercial or non-commercial organisations.

If your organisation is looking to promote research by supporting studies undertaken by third-party sponsors, we are here to help you ensure that your organisation complies with data protection law and protects patients’ privacy and confidentiality.

Over the past century, scientific health research has played a vital role in most scientific and medical advances. Yet it is recent history that reveals how the large-scale processing of health data, when done appropriately, can more rapidly and effectively help find answers to today’s most pressing health-related questions.

Whether as part of a statutory duty or a private initiative, organisations are increasingly harnessing the power of data to produce meaningful health research capable of improving the care and treatment of health conditions for patients.

In the public sector, research is at the heart of the core functions of the National Health Service (NHS). From the statutory duty placed on certain NHS bodies to facilitate and promote research on matters relevant to the health service to the policy commitment made in the NHS Constitution “to innovation and to the promotion, conduct and use of research to improve the current and future health and care of the population[1], research walks hand-in-hand with the provision of direct healthcare to patients. After all, today’s research and innovations may very well become tomorrow’s standard of care.

As a result, a substantial part of all health research carried out in the United Kingdom is undertaken in the NHS, with significant participation of Acute, Mental Health and Specialist NHS Trusts and increasing engagement from community and primary care. Recent data reveals that more than one million participants were recruited to take part in UK-wide studies delivered by the National Institute for Health and Care Research (NIHR) in 2022/23. On top of that, an increasing number of studies is undertaken without the recruitment of participants using contextually anonymised data extracted from electronic health records.

[1] NHS Constitution, Principle 3. https://www.gov.uk/government/publications/the-nhs-constitution-for-england/the-nhs-constitution-for-england

Project showcase

We were commissioned by a large NHS Trust in England to help reduce a backlog, formed due to staff shortage issues, of over 150 healthcare research studies requiring research governance and data protection review before gaining approval to commence (local confirmation of capacity and capability). Our team assessed each study’s potential risks to patient rights, ensuring compliance with regulations principles, and research ethics and implementing mitigation measures as necessary and appropriate. Mindful of the urgency of the work, the dedicated team that we implemented for this project, comprised of four Advisors and one Manager, managed to eliminate the backlog in four months, improving research quality and advancing scientific quality standards.

Due to this success, we were commissioned to provide ongoing service for over one year, until their staff shortage issues were finally resolved. During that period, our team reviewed hundreds of other studies and helped the Trust to discharge its contractual obligations to sponsors, ensuring the Trust met ethical obligations and continued to promote good practice in clinical research.

In addition to successfully reducing the backlog, our team also played a key role in aligning the studies with broader health research authority guidelines and adhering to scientific quality and research ethics standards. Our efforts not only safeguarded participants but also ensured compliance with a broad range of regulations that govern clinical trials and health-related research. By consistently applying research governance and promoting good practice, we helped the Trust improve its research infrastructure, fostering innovation and enhancing the ethical and scientific quality of its ongoing clinical research projects.

Our team offers comprehensive support for both specific projects and holistic research service packages, ensuring robust research governance and high research quality. We specialise in developing procedural mechanisms to ensure compliance with information governance requirements, particularly for studies involving individual data. This includes drafting Data Protection Impact Assessments (DPIA) to evaluate risks associated with each study.

We meticulously review Study Protocols, Integrated Research Application System (IRAS) forms, Patient Information Sheets (PIS), and Informed Consent Forms (ICF) to confirm they meet legal and regulatory standards. Our services extend to drafting and reviewing various contractual agreements such as HRA-approved model contracts (e.g., mCTA, mNCA) and bespoke agreements like Data Sharing Agreements and Data Processing Agreements.

For international data transfers, we prepare and review International Data Transfer Agreements (IDTA) and conduct Transfer Impact Assessments (TIA) to ensure full legal compliance. Our approach aligns with the Data Protection Act, safeguarding participants while adhering to a broad range of ethical regulations. By championing good practice in clinical trials and healthcare research, we aim to continuously improve research quality and promote ethical integrity in all our endeavours.

Legally Trained Consultants

Here to help you

We are here to assist:

Our Services

We provide a full data protection and information governance consultancy service to all our clients who engage with us. We provide flexible packages and services to make sure that you only pay for what you need, so you aren’t paying for unnecessary services. Whatever you and your organisation need, we are here to help.

Data Protection Consultancy

Data Protection Officer (DPO) Services

Data Protection Impact Assessment (DPIA)

External Independent Reviews

Data Protection Training

Fair Processing Materials

Data Protection Audit

Information Governance Policy Development

Data Security and Protection Toolkit (DSPT)

Record of Processing Activities (ROPA) & Information Asset Registers (IAR)

Packaged Services

Other Services

Incident Management

Send Us A Message