Data protection in research data management
06/03/2017

There was a young man we’ll name Paul,
Who answered a short survey call.
He provided his data
And was shocked to see later,
His age, faith, and health shared with all.
This limerick is definitely an example of what not to do! If you’ll be collecting any personal data or sensitive personal data during your research project, you will need to work carefully to ensure participant involvement is correctly handled, in compliance with the Data Protection Act.
Before anything else, ask yourself: do you even really need to collect personal data? Does it really hold research value or are you collecting it for administrative purposes? If personal data does need to be collected, store it separately from the research data. Consent, anonymisation, and encryption are a few other key areas to think about, when considering your data protection responsibilities.
- Consent: You must inform participants about how personal data will be used, stored, processed, transferred and destroyed. Apart from a few legal exceptions, data can only be shared with explicit consent, ideally in written form, so make sure you ask for the relevant consent for your project. See more on the ethics intranet pages including a sample consent form (docx). It can be time-consuming or even impossible to return to participants for further consent later on, so it’s important to think about the consent form wording carefully at the start; don’t hesitate to get in touch to discuss this for your project.
- Anonymisation: You are encouraged to publish your research findings and also the data underpinning them, but you must do so responsibly. Personal data should be anonymised as far as possible (e.g. removing key personal identifiers, hiding outliers, aggregating data) so that it can be shared – but you should still have obtained consent for this. Anonymising data allows it to be re-used for wider purposes than that originally specified, enhancing the value of the data.
- Encryption: This means that files are stored in an encrypted area, and can only be read with the use of a passphrase to access the contents. Microsoft Office software has an in-built encryption feature under File > Protect. If you’re collecting sensitive personal data, it must be stored with encryption, in line with ICO recommendations, to ensure compliance with the Data Protection Act. IT Services can provide encryption software and support.
As these areas relate to both research ethics and legal requirements, it is important to get these right. Participants should be confident in our practices, and good planning in these areas should also ensure no slip-ups that could cause problems for you when publishing findings. Just recently there was actually a retraction for a paper due to concerns over lack of consent from participants.
For more support on data protection in RDM, see the ICO online guide or the RDM intranet site, or email me for support at researchdata@cranfield.ac.uk.
Public domain image from MorgueFile.com
Categories & Tags:
Leave a comment on this post:
You might also like…
Sourcing company Betas in LSEG Workspace and Datastream
Following our introductory post on sourcing Betas, this post will go into a little more depth for those who may be seeking more complex data. Betas are accessible in LSEG's Workspace service, through Workspace itself, ...
You could save a life: The real impact of learning CPR
When writing this, my sister told me to tell you my age. I won't do that, but I will tell you that I was in my forties, with no previous heart problems when I ...
Need to create a reference list or citation quickly? Try MyBib or ZoteroBib!
Are you looking for a fast and free way to generate accurate citations and bibliographies for your assignments or research projects? Perhaps you've tried some reference management software and found that it wasn't really what ...
Downloading the FileOpen plugin for British Standards Online
You need to install and use a FileOpen plugin on your device to access any document you find on British Standards Online (BSOL). This protects BSOL’s digital assets from copying, piracy, and unauthorized sharing. You ...
Navigating Change from Private Sector to Humanitarian Supply Chain Management
Seven questions with alumna Miori Naito, Supply Chain Officer in Kenya on her inspiring career shift from commercial to humanitarian supply chain operations, the challenges and rewards of her bold move from Tokyo to ...
Sadaf’s ‘gap-bridging’ MBA. A transformative Cranfield experience
After six years of digital transformation projects for a global, financial institution, Sadaf sought to scale her influence, contribute meaningfully to the business world, and lead change in a structured and strategic way. Recognising ...