Research data security

The purpose of this guidance is to set out UWE Bristol's expectations of researchers in relation to the security of research data, and to signpost researchers to relevant specific guidance.

'Research' as used here means research by staff or students at any level.

Research data can be in any form, for example:

• electronic or hard copy
• video
• audio
• artefacts
• machine readouts.

All is valuable and must be appropriately protected.

Classifications

Research data should be classified as either (in accordance with the University's Information Handling Policy):

• public
• restricted
• confidential.

Data definitions

This guidance refers extensively to data which is confidential or restricted, including data which relates to an identifiable living person (personal data).

However, all research data is valuable and should be protected from loss. Care must be taken to appropriately protect the data asset. Some data will also be particularly sensitive, for example:

• company financial data
• security sensitive information
• information which may relate to dual use technology
• data relating to populations of wild animals.

Expectations

This guidance sets out UWE Bristol's expectations and the sources of support available.

• Research data must be securely stored, used and, only where appropriate, shared.
• Researchers working with:
  • security sensitive information should consult the University Research Ethics Commitee (UREC) Guidance and
  • human tissue or animal/animals by-products the relevant UWE Bristol Quality Management System.

Further information

Please note: this guidance is supplementary to the following:

• Data protection standard for research (incorporating GDPR) (PDF)
• Information Security Policy
• Create a research data management plan

For specific guidance, please visit the relevant research data security guidance pages below.