Data protection in research data management
06/03/2017

There was a young man we’ll name Paul,
Who answered a short survey call.
He provided his data
And was shocked to see later,
His age, faith, and health shared with all.
This limerick is definitely an example of what not to do! If you’ll be collecting any personal data or sensitive personal data during your research project, you will need to work carefully to ensure participant involvement is correctly handled, in compliance with the Data Protection Act.
Before anything else, ask yourself: do you even really need to collect personal data? Does it really hold research value or are you collecting it for administrative purposes? If personal data does need to be collected, store it separately from the research data. Consent, anonymisation, and encryption are a few other key areas to think about, when considering your data protection responsibilities.
- Consent: You must inform participants about how personal data will be used, stored, processed, transferred and destroyed. Apart from a few legal exceptions, data can only be shared with explicit consent, ideally in written form, so make sure you ask for the relevant consent for your project. See more on the ethics intranet pages including a sample consent form (docx). It can be time-consuming or even impossible to return to participants for further consent later on, so it’s important to think about the consent form wording carefully at the start; don’t hesitate to get in touch to discuss this for your project.
- Anonymisation: You are encouraged to publish your research findings and also the data underpinning them, but you must do so responsibly. Personal data should be anonymised as far as possible (e.g. removing key personal identifiers, hiding outliers, aggregating data) so that it can be shared – but you should still have obtained consent for this. Anonymising data allows it to be re-used for wider purposes than that originally specified, enhancing the value of the data.
- Encryption: This means that files are stored in an encrypted area, and can only be read with the use of a passphrase to access the contents. Microsoft Office software has an in-built encryption feature under File > Protect. If you’re collecting sensitive personal data, it must be stored with encryption, in line with ICO recommendations, to ensure compliance with the Data Protection Act. IT Services can provide encryption software and support.
As these areas relate to both research ethics and legal requirements, it is important to get these right. Participants should be confident in our practices, and good planning in these areas should also ensure no slip-ups that could cause problems for you when publishing findings. Just recently there was actually a retraction for a paper due to concerns over lack of consent from participants.
For more support on data protection in RDM, see the ICO online guide or the RDM intranet site, or email me for support at researchdata@cranfield.ac.uk.
Public domain image from MorgueFile.com
Categories & Tags:
Leave a comment on this post:
You might also like…
How do I reference… a newspaper article in the APA7 style?
If you're using newspaper content in your work, you may be wondering how to reference it. Is it exactly the same as a journal article reference? Well, it's pretty similar. Here's a short guide. To ...
Resource trial: Writefull
Throughout June, Library Services are running a trial for Writefull which provides tools to help with academic writing. Writefull's support includes proofreading, spelling and grammar checking your work. It can also help you craft your ...
Working smarter, cleaner and greener: The future of manufacturing and materials
Everything we own, use or interact with in life starts with a material or materials. But even we in the industry admit that materials are a huge part of what has led us to where ...
Hubert Ovie Madise: My group design project
'Hubert Ovie Madise, what have you been up to the past ten weeks?' The Cranfield School of Water, Energy and Environment (SWEE) Group Design Project (GDP) module - that's what! The SWEE GDP module ...
The importance of big ideas: How small businesses can maximise their impact
Every year the Bettany Centre for Entrepreneurship hosts our annual entrepreneurship conference VentureDay. We are proud to have some small and medium enterprise (SME) owners on staff, including Heni Cloake and Gabriela Pearson, who share ...
How do I access the full-text of Harvard Business Review (HBR)?
This is one of the most frequently asked questions in the School of Management Library, presumably because HBR is such a key management journal and is renowned worldwide. The short answer is via EBSCO Business ...