Help - Frequently Asked Questions (FAQ)

Answers to some of our most frequently asked questions are provided here.

If you are unable to find an answer to your question, please get in touch by selecting one of the short web forms.

Login and registration
Find and Access
Secure Lab

What is the Secure Lab?

Who can use the Secure Lab?

Are there any special requirements for accessing the Secure Lab?

How is the Secure Lab different to the SRS?

Is there a charge for using the Secure Lab service?

What's the Secure Lab User Agreement?

Can I or my University amend the User Agreement?

What's included in the Secure Lab training?

Using the Secure Lab

Please note that only your institution's IT support can help you with the following:

  • installing Citrix software
  • providing your 'static routable' IP address

Many issues users encounter are common and some of these are listed below:

I click on the Secure Lab login page but I don't get through to the username and password page?

When I click on the SDS Desktop icon, the SDS window doesn't launch. Nothing happens

Can I download data from the Secure Lab?

How do I link external business data to ONS business data?

What is Statistical Disclosure Control?

How do I apply for an output to be checked?

What outputs will be returned to me?

Can I discuss outputs with an Approved/Accredited researcher on the same project as me?

What if a co-researcher is not eligible to use Secure Lab?

What are the penalties for a breach of the terms of access for data?

For full details on using the Secure Lab, please see our Secure Lab User Guide.

If your issue isn’t covered in our FAQs or the Secure Lab User Guide, please Get in touch.


Who can use the Secure Lab?

Access to the Secure Lab is available to researchers who can fulfil the access requirements for the data required:

  • for ONS data: researchers must be an ONS Accredited Researcher, and the forms required to apply for this status will be made available during the application process. Further details are available from: ONS Approved Researcher Scheme
  • for non-government data: researchers must be based at a UK academic institution or an ESRC-funded research centre, and be an ESRC Accredited Researcher. PhD and research students can request access but will need to apply jointly with their supervisors
  • the satisfactory completion of training
  • an agreement by the user and their institution to a User Agreement

Please Get in touch if you have any queries about whether you are eligible to access data via the Secure Lab.


Are there any special requirements for accessing the Secure Lab?

1. Each user needs their own  static routable IP address.

2. The endpoint device which accesses the Secure Lab (i.e. your workstation) must:

  • be owned and managed by the organisation from which the Secure Lab will be accessed
  • have a direct connection to the internet; proxy servers may not be used
  • have a dedicated, static, public IP address (1-2-1 Network Address Translation is allowed)
  • have no other network connections present except for the one being used to access the Secure Lab, this includes using VPNs

 3. The following security measures must also be observed:

  • when the Secure Lab is accessed, only the wired Ethernet is used, and that the wireless is not connected simultaneously
  • the user only accesses the Secure Lab from their designated office, not from any other location
  • that good security measures are observed by the user, for example, locking screens when leaving the workstation unattended
  • not allowing screens to be visible to people other than Secure Lab users working on the same Secure Lab project


How is the Secure Lab different to the ONS Secure Research Service (SRS)?

The Secure Lab is very similar to the SRS and you will find familiar statistical software, including Stata, SPSS and ArcGIS. You can use Microsoft Office to write papers and design your presentations.

However, there are two important differences:

  1. You log in to the Secure Lab at your institution, either from your office desktop PC, or from a secure room provided by your institution, depending on the nature of the data. You no longer need to travel to an ONS office to access the data.
  2. You produce all your work within the Secure Lab system. Because you can log in from your institution whenever you wish to, there is no two-tier system of intermediate and final outputs. Instead, all of your work, from initial data exploration to writing your final paper, is done in your user area on our system. We provide you with project folders that are shared with colleagues approved to work on the same project. When you are ready to publish we check your final outputs before releasing them to you.

We are working closely with the ONS to ensure that all economic and social data currently available in the SRS will be available from the UK Data Service.


Is there a charge for using the Secure Lab service?

The Secure Lab service is part of the UK Data Service and is funded by the ESRC. We do not currently charge UK HE/FE researchers for using the service.


What's the Secure Lab User Agreement?

The Secure Lab User Agreement outlines the terms and conditions of use of the service, is signed by the researcher and a suitable officer at their institution (for example from a contracts office) and is returned before or during training.

The agreement includes:

  • liability for the researcher to complete the training
  • information security responsibilities (not giving out password, not disclosing or compromising any Personal Information)
  • penalties and breaches
  • output release policy
  • acknowledgements and copyright requirements

The agreement demonstrates that the prospective researcher understands the seriousness of the undertaking, and that they and their institution understand the penalties that may be imposed for breaches of security or confidentiality.


Can I or my University amend the User Agreement?

No. Many Universities have agreed to sign the agreement as it stands. We cannot tailor the agreement for each specific University/request. It is an agreement that fulfils the requirements of numerous parties such as the ONS, ESRC and the University of Essex.


What's included in the Secure Lab training?

The training course includes relevant legal and ethical responsibilities, required security procedures, guidance on Statistical Disclosure Control of outputs, penalties for breaches, as well as practical instruction on how to access and use the system.

Further details are available from attend a training course.


Using the Secure Lab  

I click on the Secure Lab login page but I don't get through to the username and password page?

  • Have we got your correct IP address? Usually this error occurs because you are trying to access the service from a computer that our secure server firewall doesn't recognise
  • Have you recently changed your computer? Check with your IT support to confirm your computer's IP address and check that it is a 'static routable' IP address (dedicated to your computer and that doesn't change every time you start the machine)

Please email us with your confirmed IP address and we will update our firewall if necessary.


When I click on the SDS Desktop icon, the SDS window doesn't launch. Nothing happens

This could be a software error on your PC.

  • Un-install your Citrix client software and install the latest version (visit the Citrix website to download the latest version of Citrix Receiver)
  • Restart your computer and try again. Your IT support may have to do this for you

The Citrix software is the small software application that you installed on your computer just before we provided you with your username and password.


Can I download data from the Secure Lab?

Given the potential sensitivity, confidentiality and disclosiveness of the data, it is not possible for you to download any data from the system but you can view and analyse the data on your local computer via remote access. You may not, however, copy any analytical outputs from your screen, but you can share interim results with registered colleagues within the Secure Lab. The service carries out Statistical Disclosure Control checks on outputs ready for publication before these can be released and sent to you by email.


How do I link external business data to ONS business data?

The UK Data Service is able to assist researchers wishing to link external business data to ONS business data in the Secure Lab. See our guide for further information.


What is Statistical Disclosure Control?

Statistical Disclosure Control (SDC) is the process of reviewing your work to ensure that your results (for example descriptive statistics and other analyses), cannot be used to identify an individual respondent.

There are a variety of statistical measures commonly used by researchers that we have to check. The SDC standards we adhere to have been agreed by other European countries, and can be found in the document guidelines for the checking of output based on microdata research.

We undertake SDC of all outputs that researchers request from their Member Logon areas. We do the checks manually - this gives us the flexibility to consider each project individually. For this reason, as with our European colleagues, we do not feel that SDC software is appropriate to use for checking outputs created by our members.

We provide SDC training for our members, so you are aware of the SDC rules that we apply.

Along with other members of the Safe Data Access Professionals Working Group, we have produced this Handbook on Statistical Disclosure Control for Outputs. The Handbook provides practical guidance about how to assess a variety of statistical results for statistical disclosure and ensure that ‘Safe Outputs’ are released from their secure data environments. It can be used by staff responsible for statistical disclosure control checks, as well as users of Safe Settings. The Handbook also provides advice to organisations on setting up and managing the statistical disclosure control process. 

How do I apply for an output to be checked?

We have created an SDC folder inside your login project folder. When you have finished your document, save a copy into this folder. You should then complete an Output Release Form available from our Get in touch page.


What outputs will be returned to me?

Outputs can only be removed from the Secure Lab environment subject to Statistical Disclosure Control checks by trained staff - once checked and deemed safe these are emailed to you.

In the UKDS Secure Lab, outputs are statistical results that have been written up for publication and/or presentation. You will have selected the results you wish to present to the outside world, from the analysis you have generated inside the Secure Lab, and written up the results. The output should be of a ‘publishable quality’ and have a specific purpose/use.

Publishable outputs include written documents and presentations. The publishable output types that are permitted for release from the Secure Lab are:

  • journal publication/paper
  • working paper
  • book chapter/book
  • commissioned/policy report
  • report to funder
  • final report
  • interim report
  • conference/seminar presentation
  • research dissertation/thesis/chapter

Researchers may also request release of their syntax files. These must not include any data or references to the Secure Lab server name (details in the Secure Lab User Guide).

You must also ensure that your output meets our minimum requirements. These minimum requirements must be met in order that we can make a thorough Statistical Disclosure Check:

  • information about the data source, sample, methodology must be included
  • graphs, Figures etc. must be fixed images (e.g. JPEG)
  • unweighted cell counts must be provided for everything – e.g. graphs, figures, percentages, models results
  • tables/figures must be clearly numbered and labelled
  • variables must be given meaningful names, not just the labels from the dataset
  • you must clearly explain what each graph, figure etc. shows
  • you should not request a data file. We cannot release data or any STATA, SPSS or R files from Secure Lab
  • there should not be any of the following embedded items in the output (use the ‘Inspect Document’ function to check this):
    • embedded documents
    • invisible content
    • hidden text
  • you must include the data citation in the output (this can be found for each dataset on the UKDA website and in the ‘Study Information’ files in your project area)

If any of the minimum requirements are not met, or your output is not of ‘publishable quality’, your output will not be released. We will have to contact you for further information, thus delaying the release of your output and the outputs of other users.

Secure Lab users working on the same project can easily share their intermediate findings through shared project folders. However, in some cases, we may release Intermediate Results - see What if a co-researcher is not eligible to use the Secure Lab?


Can I discuss outputs with an Approved/Accredited researcher on the same project as me?

You may discuss outputs with an Approved/Accredited researcher on the same project but this must be done discretely and privately. It is absolutely forbidden to write anything down from the screen and outputs may only be shared in the project folder in your Secure Lab Login area or in the form of 'final outputs' following Statistical Disclosure Control and release by a member of the UK Data Service Support team.


What if a co-researcher is not eligible to use the Secure Lab?

Results which have not been checked by UK Data Service staff and returned to you must not be shared or disclosed to anybody else. They should only be accessed by a colleague working on the same project (see Can I discuss outputs with an Approved/Accredited researcher on the same project as me?).

You are not permitted to share any actual results with a non-approved researcher (even if you think they are not disclosive) such as a regression coefficient or a frequency count.

You may, however, discuss the overall research proposal and the results without disclosing any actual results.

If you wish to show actual results to a colleague who is outside the UK or who is not eligible to use the Secure Lab then you may ask us to release intermediate outputs provided that (i) the colleague has registered with the UK Data Service and agreed to its End User Licence and (ii) these outputs are equivalent as possible to 'finished goods/final outputs' e.g. a table in a MS Word document that includes sufficient surrounding text to allow us to understand and check the output.


What are the penalties for a breach of the terms of access for data?

A breach in the terms of access may result in:

  • the immediate termination of the licence holder's access to the data and the termination of the licence - depending upon the seriousness of the breach, the termination of access may be permanent
  • sanctions being sought against the licence holder by the data owner
  • for government data that fall under the Statistics Act 2007, penalties as specified in S39 of the Act - this may include a fine and/or imprisonment
  • individual or institutional suspension from all ESRC data services
  • individual or institutional sanction from ESRC funding

Self-reported unintentional breaches will be penalised with discretion. Researchers who take full and prompt action to correct a self-reported and unintentional breach will not normally be penalised but may be asked to repeat training/induction.


Download and data formats
Use data
Manage data
Deposit data

Back to top  

We expect to run as normal a service as possible during this COVID-19 (Coronavirus) emergency. Please visit our COVID-19 page for the latest information.