SynD Framework logoSynthetic Health Data Governance Framework (SHDGF)
Home
ResourcesAbout SynD
1
Use Case
2
Source Data
3
Generate
4
Re-ID Risk
5
Safety
6
Final

Step 5 - Manage Residual Privacy and Operational Risks

Ensure any remaining risks are managed through governance, secure handling, and continuous monitoring. Define processes for responsible release and use.

DPDRDS

Governance Intent

Verify that environment, people, and data controls satisfy the Five Safes framework.

Decisions

Are all Five Safes satisfied?

Why This Step

Verify that environment, people, and data controls satisfy the Five Safes framework for responsible data sharing.

Prerequisites

  • Completed Step 4 (risk assessment)
  • Understanding of Five Safes framework
  • Access control mechanisms in place

Time Estimate

45-90 minutes

Five Safes compliance
All five dimensions (Safe People, Safe Projects, Safe Settings, Safe Data, Safe Outputs) must be satisfied before release.

Residual Risk Management

Ensure all remaining risks are managed through governance and controls.

Required Evidence

  • Completed Five Safes checklist (Appx 10)
  • Access control records
  • DP sign-off

Step completion requirements

0 / 5 complete

Finish these before marking the step complete:

  • Establish data use agreements and access controls.
  • Communicate limitations and intended use to recipients.
  • Monitor for misuse, breach or re-identification attempts.
  • Apply retention and disposal policies consistent with data governance standards.
  • Undertake periodic review and re-approval for ongoing use.

Resources

  • Five Safes Framework (Appendix 10)
  • Framework Outcomes Form (Appendix 11)
Previous StepOverviewNext Step