FAQ

Research on TRUST can potentially lead to innovations and breakthroughs in healthcare in the form of improved clinical treatments, medical interventions, and healthcare management.

This means improving the understanding of what causes diseases and health conditions to develop, as well as evaluating the effectiveness and safety of new treatments.

Every individual’s unique biological profile could be the key to uncovering discoveries about the human body and health. If researchers have access to larger, more diverse datasets, the more likely it is that they will find something that can help you or someone else with a health condition.

TRUST is a national initiative by the Government of Singapore and does not sell any data.

Data on TRUST can only be accessed by researchers that have been approved by our Data Access Committee (DAC) after a thorough vetting process. The data on TRUST does not include any identification records, such as NRIC numbers or names.

Furthermore, researchers can only perform analysis on the data and extract insights, i.e. access to raw datasets is never granted. The analytical output is also vetted by a TRUST team to ensure it is consistent with the approved access request before it is provisioned to the researcher.

Combining different types of anonymised data on TRUST would help researchers discover previously hidden health insights and patterns. Such information would be invaluable in helping us to understand diseases, develop treatments, plan health programmes and evaluate public health policy.

To ensure that data on TRUST is safe, secure and fit-for-purpose, TRUST adopts the Five Safes Framework. These “Five Safes” are adjustable controls that complement each other to safely manage risks in data sharing. It serves to provide an optimal balance between supporting healthcare innovation while ensuring data is used securely.

Safe Purpose
Before any research is allowed on TRUST, the TRUST Data Access Committee (DAC) will review the value of the research request (e.g. scientific, clinical and health) to determine if the research is intended to serve a legitimate objective of benefitting the public and generating social benefit.

Safe People
Individuals with access to TRUST must have the appropriate credentials and only work on approved research, amongst other rules such as time-limited access.

This ensures that there are no unauthorised data disclosures to unknown or unauthorised individuals.

Safe Settings
Data on TRUST is stored in a secured environment with government-standard security measures. There are physical and technical security arrangements to prevent unauthorised data disclosure or exfiltration. In addition, activities on the TRUST platform are monitored to ensure proper usage.

Safe Data
Data on TRUST are accessed and used based on permission granted and are anonymised to reduce re-identification risks. This means that the data on TRUST does not include any identification records, such as NRIC numbers and names, so that specific individuals are unlikely to be identified from the research data. There are also legal and technical safeguards to minimise the risk of re-identifying individuals.

Safe Output
Drafts of any output to be published by Data Requestor must be provided to TRUST first, for review and checks on any re-identification risks.

All data accessed through TRUST is anonymised to MOH’s anonymisation standards. Personal data is converted into a form that cannot be used to identify the individual(s). Anonymisation is a risk-based process, which includes analysing risks of re-identification, before applying both anonymisation techniques and safeguards to prevent re-identification from occurring.

Furthermore, researchers can only perform analysis on the data and extract insights, i.e. access to raw datasets is never granted. The analytical output is also vetted by a TRUST team to ensure it is consistent with the approved access request before it is provisioned to the researcher.

It is also a criminal offence under Section 48F of the Personal Data Protection Act (PDPA) to deliberately attempt to re-identify someone. In addition to these legal safeguards, multiple process and technical safeguards are also in place to minimise the risk of re-identifying individuals.

As a data intermediary, TRUST complies with Singapore’s legal requirements such as the Human Biomedical Research Act (HBRA) and the Personal Data Protection Act (PDPA).

This is through measures such as –

• Ascertaining the appropriate permission and relevant Institutional Review Board (IRB) approval (or waiver) are in place before research on TRUST is approved.
• Anonymising datasets according to internal Government standards.
• Establishing measures to safeguard data on TRUST.
• Establishing measures to safeguard data output out of TRUST environment. For example, exports of insights will be checked for re-identification risks before being allowed out of the TRUST environment.

Notwithstanding these measures, data on TRUST is anonymised data and hence not considered personal data. This means that the anonymised data on TRUST is not governed by the Personal Data Protection Act (PDPA).

TRUST has a Data Access Committee (DAC) that will review the scientific, clinical, health value of requests before concluding if the purpose of use is beneficial to the public and can generate social benefit. Applications for research projects on TRUST will be evaluated in accordance with the above-mentioned criteria.

We thank you for your interest in TRUST. Your data is valuable in helping us understand diseases, develop treatments, plan health programmes and evaluate public health policy.

TRUST does not collect data directly from individuals, but from public health institutions, research institutions or public agencies. When you provide permission to your data for research purposes, it allows institutions or agencies to share that data with and via TRUST within the scope of your permission. Be assured that datasets on TRUST are accessed and used based on permission granted and anonymised so that it is highly unlikely for you to be re-identified from the data.

As data on TRUST is de-identified and anonymised, TRUST would not be able to identify individuals from the data. Anonymised data is not considered personal data and thus is not governed by the Personal Data Protection Act (PDPA).

De-identification refers to the removal of identifiers (e.g. name, NRIC) that directly identify an individual. De-identification is sometimes mistakenly equated to anonymisation. However, it is only the first step of anonymisation. A de-identified dataset may be easily re-identified when combined with other forms of data that may be easily accessible by the public.

Anonymisation refers to the process whereby personal data is converted into data that cannot be used to identify the individual(s). Anonymisation is a risk-based process, which includes analysing risks of re-identification, before applying both anonymisation techniques and safeguards to prevent re-identification from occurring.

TRUST is a Singapore Government initiative. The platform is jointly developed by the Ministry of Health (MOH), the Ministry of Digital Development and Information (MDDI), Government Technology Agency (GovTech), and Synapxe. TRUST is supported by MOH and the National Research Foundation (NRF) under the RIE plan.

Currently, TRUST is mainly supporting public health sector users and researchers from Singaporean public health institutions, institutes of higher learning and publicly funded institutions.

TRUST, through the Data Access Committee (DAC), reviews the scientific, clinical and health value of requests before determining if purpose of use is beneficial to the public. This also serves to ensure use of such data is consistent with the consent given by those contributing the data. Other considerations include the potential for new discoveries and breakthroughs, and the feasibility of conducting the research in Singapore.

The Committee is also guided by the Health & Human Potential (HHP) domain’s focus and priorities (including the seven disease priorities*) under the Research, Innovation and Enterprise 2025 framework.

Quality improvement (QI) or quality assessment (QA) projects, which are not considered research in general and would be out of scope of TRUST’s main supported areas of research, are not supported by TRUST.

*The following areas have been identified as national disease priorities under the RIE 2025 (Research, innovation and Enterprise) HHP domain:

• Cancers and neoplasms
• Cardiovascular
• Eye
• Infection
• Mental health
• Metabolic and endocrine
• Neurological

TRUST is taking a phased approach in engaging strategic partners from both the public and private sectors. In the current phase, TRUST will be focused on supporting public sector users and researchers from local partner institutions public health institutions, institutes of higher learning and publicly funded institutions in Singapore.

Overseas institutions that are interested to explore and access TRUST are encouraged to do so in collaboration with a Singapore-based government organisation, public healthcare institution or publicly funded research institution.

TRUST will be looking to support such public-private data sharing & projects in our next phase (estimated from 2H 2024).