The document discusses open access data protection, storage, and sharing. It addresses how to ensure fair processing and security of personal data when making it openly accessible. Key points include obtaining participant consent, anonymizing data when possible, using technical security measures like encryption, and establishing a "dark archive" for confidential data not suitable for open access. The document provides guidance on what information to share with research participants and considers challenges around anonymization. It also briefly outlines exemptions to freedom of information requests.
2. Open Access is all about sharing research
freely and openly
-
Data Protection Act is all about protecting
people's rights in respect to how information
about them is used.
-
Freedom of Information provides right to
access official information held by public
authorities
-
Confidentiality in maintaining Trade Secrets &
commercial interests etc
3. Data Protection Act
• FAIR PROCESSING
• Fair
• Open and transparent
• Justified
• Reasonable
• SECURITY
• Technical and Operational Measures to protect against
• Unauthorised Access
• Damage to the Data
• Loss of Data
4. 1. Can we ensure fair processing of personal data
when it’s deposited in Open Access archives? If
so, how?
2. How can we ensure the security of personal
and confidential data throughout the research
process and into Open Access Archives?
5. Fair Processing
• Consent
• Information for research participants
• Contractual Clauses
• Anonymisation (Raw Data vs. Articles)
• Ethics
• User Licences
• Dark Archive
6. What to tell participants?
• Standard information (who you are, what you’re
researching etc)
• What information are you collecting (photos, personal
experiences)?
• Who will have access to the data? Can you guarantee
that identities will be protected?
• Will data be placed in an archive? Who will be able to
access this?
• What are they consenting to?
7. Anonymisation
• Is it necessary? Oral histories, profiles
• Time consuming
• Removal of direct identifiers
• Removal of indirect identifiers
• Devalue research data?
• Research publications vs outputs
8. Security
• Encryption (portable devices)
• Complex passwords
• Do not exchange data using cloud/email unless
encrypted
• Backup data (and test it periodically)
• Ensure confidential data is secure in locked offices,
cabinets.
• Take care when disposing of devices/records that hold
or accessed sensitive data
• Dark Archive
9. Dark Archive
• The University’s Dark Archive will be part of the
institutional repository where completed data sets which
are not suitable to be made available on OA can be
stored.
10. Freedom of Information
Exemptions
1. Information already accessible
2. Information to be published at a future date
3. Personal information
4. Prejudice to commercial interests