For Research Institutions

The Loome TRE platform provides a complete environment for secure research — combining governed data access, automated de-identification, and controlled egress with a self-service research workspace.

Unlike platforms that stop at the infrastructure layer, Loome TRE integrates data management and research compute into a single, compliant environment. Built on Azure, deployable within your own tenant, and designed around the Five Safes framework.

The Platform

The complete TRE platform for secure data

Most secure TRE platforms stop at the infrastructure layer — they give researchers a safe place to find and access data, or a safe place to use analysis resources. Loome TRE goes further, by combining a rich data platform and a secure analysis workspace into a single TRE platform.

The Data Platform in Loome TRE governs what data researchers can access and how they are provided access to it, and by whom. Loome Workspace is where they work with the data. Approved, de-identified datasets flow from the Data Platform into Workspace — and nothing leaves the TRE except through the airlock.

Loome Data Platform

Data catalogue, de-identification, and data sharing workflows for federated access

  • Rich dataset catalogue and discovery portal
  • Powerful data classification and metadata search
  • Automated data de-identification workflow
  • Data airlock for controlled summary data export
  • Federated data access to remote data sources
  • Automated data pipelines with quality monitoring and alerting
  • Long-term data archiving workflow

Loome Workspace

Self-service research resources and project collaboration

  • Self-service, governed access to research resources
  • Collaborative project workspaces
  • Network isolation and secure remote access
  • Customisable resource and analytical tools catalogue
  • Access to HPC, GPUs, AI, and anything else on Azure
  • Role-based access controls per project
  • Budget controls, cost monitoring, and alerting
Loome Data Platform Find, access & govern data
Airlock Securely approves & controls data flow
Loome Workspace Analyse, collaborate & innovate

Loome TRE Platform Architecture: Data Platform → Airlock → Workspace

Security, Governance & Compliance — across every layer
Features

Everything a modern TRE requires

Loome TRE addresses both sides of secure research: the data your researchers need to work with, and the infrastructure they need to work on — governed, auditable, and compliant from end to end.

Data Catalogue & Discovery

Researchers can find, understand, and request access to datasets through a rich catalogue with metadata search and data classification — without needing to contact data custodians directly.

  • Dataset discovery portal with metadata search
  • Powerful data classification and tagging
  • Federated access to remote and external data sources

Automated De-identification

Sensitive data is de-identified through automated, auditable workflows before it reaches researchers — reducing institutional risk and accelerating ethics approval timelines.

  • Automated de-identification pipelines
  • Audit trail for every data transformation
  • Configurable to institutional and regulatory requirements

Data Airlock

The airlock is the controlled gateway through which outputs leave the TRE. Researchers submit summary data for review; a data manager checks and approves the export before anything crosses the TRE boundary. Nothing leaves without oversight.

  • Controlled data egress with review and approval workflow
  • Prevents unapproved data extraction
  • Full audit log of all export requests and decisions

Automated Data Pipelines

Ingest, transform, and archive research data through automated pipelines with built-in quality monitoring and alerting — keeping data updated, accurate, and compliant.

  • Automated ingestion and transformation workflows
  • Data quality monitoring and alerting
  • Long-term archiving with retention controls

Self-Service Research Workspace

Researchers get governed, on-demand access to the compute resources and analytical tools they need — HPC clusters, GPU workstations, AI environments — without waiting on IT.

  • Self-service access to HPC, GPUs, and AI tools
  • Customisable analytical tools catalogue
  • Collaborative project workspaces

Security, Governance & Compliance Throughout

Every layer of the TRE — data and compute — operates under a unified security and governance framework. Because all data and compute stays on your Azure tenant, your Loome TRE implementation can be ISO 27001 certified, NHS compatible, Cyber Essentials Plus accredited, because it is built on Azure.

  • Role-based access controls and Entra ID authentication
  • Network isolation and secure remote access
  • Full audit capabilities across all users and actions
Researcher Journey

How researchers work in Loome TRE

From discovering a dataset to publishing findings, every step happens within a governed, auditable environment.

Data Platform Workspace Airlock
01

Discover

Researcher browses the data catalogue and finds relevant datasets

Data Platform
02

Request Access

Access request submitted through governed workflow for approval

Data Platform
03

De-identify

Automated de-identification pipeline processes sensitive data

Data Platform
04

Analyse

Researcher works with approved datasets in the secure Workspace

Workspace
05

Request Export

Summary data export request submitted from within the Workspace

Workspace
06

Output Review

Data manager reviews and approves the proposed output in the secure environment

Airlock
07

Summary Data Released

Only approved summary data crosses the TRE boundary — raw data never leaves

Airlock

The output review step is triggered from the Data Platform, conducted by a data manager within the secure environment, and spans both platforms. Only approved summary data crosses the TRE boundary — raw or identifiable data never leaves.

Solutions

Research without limits data or compute

Governed Data Access

Researchers discover, request, and access datasets through a governed catalogue — with de-identification, pipeline automation, and federated access to remote data sources built in.

  • Dataset discovery & metadata search
  • Automated de-identification
  • Federated data access
  • Data airlock egress control

Controlled Data Egress

The Loome data airlock ensures that only approved, reviewed outputs leave the TRE. Every export is logged, auditable, and compliant with your institutional data governance policies.

High-Performance Computing

On-demand access to HPC clusters, GPUs, and AI environments on Azure — without capital infrastructure investment. Scale up for complex analyses, scale down to control costs.

Collaborative Research

Distributed teams collaborate within shared, isolated project workspaces — sharing resources and data securely across institutions, with each organisation retaining full control over their data.

Seamless Migration

Whether migrating existing workloads or standing up a new environment from scratch, Loome's proven implementation process minimises disruption and maintains data integrity throughout.

Loome Software's expertise has been instrumental in establishing our secure health data research platform. We are implementing the Loome TRE to enable secure access to and analysis of real-world health data, empowering our researchers to conduct work that directly improves patient care and outcomes. The integration of security, compliance, and ease of use is a valuable asset for our partnership.

Professor Peter Vuillermin
Professor Peter Vuillermin Chair in Medicine and Director of Research, Deakin University School of Medicine
FAQs

Frequently asked questions

Everything you need to know about Loome TRE.

Can't find what you're looking for?

Contact Us Today

A TRE is a secure platform that gives researchers governed access to sensitive data and the computational resources needed to analyse it — within a controlled, auditable environment. Loome TRE combines two layers: the Loome Data Platform (catalogue, de-identification, pipelines, and data airlock) and Loome Workspace (self-service compute, project collaboration, and governed resource access), all under a unified security and compliance framework.

Most secure compute platforms only address the infrastructure layer — they give researchers a safe place to work, but not a governed way to get data in or safely release outputs, or the other way around. Loome TRE includes a full Data Platform layer: dataset catalogue and discovery, automated de-identification, data ingestion pipelines, and a controlled airlock for data egress. This is what makes it a genuine TRE, not just a secure workspace.

When a researcher is ready to publish or share findings, they submit a summary data export request through the Workspace. This triggers an output review — conducted by a data manager within the secure environment — where the proposed output is checked before release. Only approved summary data crosses the TRE boundary. Raw or identifiable data never leaves. Every request, review decision, and release is logged in full.

The Data Platform provides: a rich dataset catalogue with metadata search and classification; automated de-identification workflows; federated data access to remote data sources; automated ingestion and transformation pipelines; data quality monitoring and alerting; and a long-term data archiving workflow.

De-identification is handled through automated, configurable workflows that process sensitive data before it is made available to researchers. Every transformation is logged and auditable. The specific de-identification approach can be configured to meet your institutional requirements, ethics conditions, and applicable regulations.

Because all data and compute stays on your Azure tenant, your Loome TRE implementation can be ISO 27001 certified, NHS compatible, and Cyber Essentials Plus accredited. The platform implements the Five Safes framework and is built on Azure's enterprise-grade infrastructure. It is designed to meet compliance requirements across Australian and UK research contexts, including GDPR and institutional data governance policies.

Yes. Loome TRE supports multi-institution research through federated data access and isolated collaborative project workspaces. Each organisation maintains control over their own data, with approved sharing and access governed through the platform's catalogue and access controls.

Researchers have self-service access to HPC clusters, GPU workstations, AI environments, and any other Azure-based resource required for their work. The analytical tools catalogue is customisable, and budget controls, cost monitoring, and alerting are built in.

Basic TRE capabilities can typically be deployed within weeks. Full implementation — including Data Platform configuration, de-identification workflow setup, catalogue population, and workspace customisation — typically completes within 2–3 months depending on scope and institutional requirements.

Your data remains under your institution's control at all times because all data and compute are deployed on your Azure tenant. Furthermore, the federated model in Loome Data Platform means that the data is always stored at source (e.g., databases, REDCap, file shares), and only authorised, de-identified snapshots are copied to the Workspace, which are then stored on your Azure Storage infrastructure.

Get Started

Ready to build a proper TRE ?

Secure compute alone isn't enough. Loome TRE gives your institution the complete picture, governed data access, automated de-identification, controlled egress, and high-performance research infrastructure, in a single, compliant environment.

Schedule a Demo