Implications of collecting, storing, and using sensitive research data, such as confidential participant data from a clinical trial, individual survey data, or commercially sensitive data.
In October 2016, I attended a Research Data Oxford event held by the Academic IT Research Support team at IT Services. This article summarizes the event and the presentations with links to additional material.
Increasing emphasis is being placed on the information security of research data. This combined with increasing expectations of data sharing and reproducible research makes the effective management of data essential.
To help you manage your data securely the Research Data Team are:
- Looking at the systems that are currently available.
- Aiming to bring together and disseminate sources of information and knowledge.
- Looking at what additional resources and systems should be put in place.
- Working with INFOSec to provide step by step advice on good practice and how you should handle your data to keep it secure, meet University and external guidelines and legal requirements.
Help with handling your data
The Research Data Oxford Team can help you.
Visit their website: http://researchdata.ox.ac.uk
Handling sensitive data: http://researchdata.ox.ac.uk/handling-sensitive-data/
They can also help with practical advice on how to:
- Abide by University policy.
- Meet funder conditions.
- Maintain contractually mandated confidentiality.
- Anonymise your data.
- Encrypt your data.
- Preserve your data safely after project completion.
To request a meeting email: firstname.lastname@example.org. The enquiries team has representatives from the Bodleian Libraries, e-Research Centre, IT Services, and Research Services.
Summary and slides of the presentations (October 2016)
Introduction - Howard Noble
The team is currently at the start of a process: they don’t have all the answers and will need to work with you.
Future workshops will focus on solutions that will also be documented on the Research Data Oxford website.
Contact information: email@example.com
Sensitive Data - Rowan Wilson
Looked at how IT and policies/regulations intersect, how the University's current systems can be used to meet responsibilities and how to make best use of technology, as well as considering whether they are solutions we need but don’t currently have.
- Why data may be sensitive – personal data, sensitive personal data, data protection act, confidentiality, IP ownership.
- IT requirements.
- Why you might need to release your data.
- Some examples of sensitive data queries/scenarios:
- Emailing sensitive personal data
- Gathering data in Oxford and further afield
- Suggestions for current IT solutions to handling data.
Research Ethics and personal/sensitive data at Oxford - Claudia Kozeny-Pelling
The presentation provided:
- An overview of how the University governs research and ethics.
- An outline of personal and sensitive data.
- Guidance on sharing and re-using personal/sensitive data.
- Collecting data – obtaining informed consent.
- How to apply for ethical review.
Securing Research Data - Duncan Tooke
A three step guide on securing your data both when in Oxford and when travelling: secure your device, secure your network and secure your data.
Duncan Tooke’s slides (note: in this pdf notes are in an annotation layer)
Frameworks for Sensitive Data in the Research Lifecycle - John Southall
Consent, how data is managed during the project and how data is handled after the project is finished.
- Data lifecycle models.
- Internal and external frameworks.
- Data management plans.
- Consent agreements.
- Approaches to managing data after a project has finished.
- Research Data Oxford
- Handling sensitive data (Research Data Oxford website)
- CUREC (Central University Research Ethics Committee)
- Information Security (INFOSec)
- UK Data Archive
- Digital Curation Centre