Create a research data management plan

Outline the types of research data that are expected to be created or collected

Research data can be in any form, for example, electronic or hard copy, video, audio, artefacts, machine readouts. It can include survey/questionnaire data, consent forms, laboratory log books, videos of artistic performances, audio records of interviews and their transcripts, physical samples (including biological samples of animal or human origin), photographic images, environmental or habitat data, observational data (of humans or animals).

Please include:

• The source of the data - is the data coming from primary sources including data subjects, for example, survey participants, video recordings), being generated, or from a third party (such as secondary data)?
• The volume of data do you expect to generate.
• If you will be working with human participants, give special consideration to the following:
  • Who are the data subjects (for example survey participants or interviewees)? Are there, or might there be, any vulnerable subjects? These could include, but are not limited to, children, older people, patients, prisoners, asylum seekers, those who are physically or mentally unwell.
  • How many data subjects will there be?
  • What is the purpose of the data that is being collected?
  • Are you creating or collecting personal, sensitive or special category data such as health, religion, race, sexual orientation, genetics and biometrics, relating to a living person or persons?

For primary data, briefly describe how the data will be collected or created

• Will you be using recorded interviews, observation, physical measurement, taking samples, computer/instrument generated, survey, film etc.
• Outline any professional or community standards that will be adhered to.
• If you are generating digital survey data, what system will you use?
  Please note: Qualtrics is currently the only survey tool authorised by UWE Bristol.

If you are collaborating with any third party organisation or individual

• Outline any data handling agreements that are in place - such as data processing agreements, data sharing agreements or collaboration agreements which include data sharing/handling arrangements.
• If data is to be held by a third party describe when, where, and how the data will be held by the third party.
  Please note: personal data should not be moved outside of the European Economic area without safeguards being in place (please email The Data Protection Team at dataprotection@uwe.ac.uk for advice).

If you are using third party data (such as a secondary data source), say how this will be obtained

• Outline any restrictions on third party data use, or any access or use agreements that you/the University will need to sign.
  Please note: you should never sign anything without first consulting with Megan Wiggins in The Contracts Team at Megan.Wiggins@uwe.ac.uk, as you do not have authority to do so.
• Are you collecting or accessing data under restricted access conditions, for example within the NHS, ONS, or Criminal Justice System?

UWE Bristol Ethics process for human participants - Consent

Ethical approval MUST be granted by UWE Bristol's College or University Research Ethics Committee in respect of research and/or evaluations involving human participant data. Both legal and ethical dimensions of research data must be considered (please see note 7 in relation to Data Protection). In relation to personal data, the combined effect of ‘law’ and ‘ethics’ is generally that you may only do with data what you have told research participants you will do, and which you have gained consent for.

Please explain here briefly how you will:

• gain consent - for what you propose, including data processing in the way you propose, from participants
  • Please ensure that you consult the guidance on participant consent forms (DOC). Will this consent enable future sharing and re-use? If this is not appropriate, and you do not propose to share and re-use, say so here.
  • If you will not be gaining consent please set out your justification. Where professional standards may exist, for example in covert research, or in filming crowds, please set out any professional standards you will be adhering to.
• provide participant information
  Please see the guidance on participant information sheets (DOC) and the recommended Participant Privacy Notice (DOC).
• handle personal, sensitive or other special category data.
• protect the interests and identity of any research participants - for example data anonymisation.

See the Information Handling Policy (PDF) for definitions of data classifications.

Please be clear how data will be stored at each stage of the research. You must comply with the Information Security Policy (PDF) and take account of the Information Security Toolkit.

You should take a "life course" approach to your data, being clear about the "data journey". For example, if you are interviewing human participants, taking samples, or collecting measurements or other data in the field, how will the data be stored at all stages of the research, how will it be securely transported, backed up, anonymised or pseudonymised, archived, securely disposed of?

Outline where data will be stored during the research

It is usually a requirement that research data is stored on a UWE Bristol networked drive (S or H), or on UWE Bristol OneDrive. If this is not possible, for example in the case of very large datasets, or situations where you will not have network access, you should consult the IT Service Desk for advice.

Please note: the only Cloud provision which is acceptable for use is UWE Bristol OneDrive, not Dropbox or any other provision.

How will data be backed up?

• Who is responsible for conducting data back up, and version control?
• How frequently will data be backed up?
• Is sufficient storage available via UWE Bristol systems, or do you need to consider additional storage needs and associated costs?

See UWE Bristol's data storage pages (intranet only) for information.

How will you manage file versioning during the course of the research?

Is there a standard that will be used?

Note what file format(s) you intend to use to store data

Where possible it is better to use non-proprietary file formats that are in widespread use to ensure on-going readability of data.

The UK Data Archive has a list of file formats which are in common use.

Outline how you will record information about your data

This is so that you, and others where appropriate, can access and use the data. This might be during the course of the research, or afterwards. Say where this information will be held, for example within the data itself, in a readme.txt file, in a database, or using another system.

As a minimum, you should record date, name and purpose of the data, the creator, details of how the data was created/analysed, explanations of any codes or abbreviations used.

For further information, see the Research Data Management guidance on documenting data.

Please describe here what you will actually do with the data, throughout its life course

Set out the data security measures that you will take in relation to the way you will use the data. Data security measures should be appropriate to the data involved.

UK Data Protection legislation requires that personal data will be processed in a manner that ensures appropriate security including protection against unlawful processing, accidental loss, destruction or damage (also see Note 7). However, it is not just personal data; other kinds of data will also need careful handling, for example security sensitive research, commercially sensitive data, data subject to export controls, or environmental information (for example, in relation to rare or endangered populations of animals).

• Who will have legitimate access to which elements of the data, and at which stages of its life course?
  • Will any third party processing of data take place? If so, by whom and for what purpose? (for example, use of a UWE Bristol approved transcription service)
• How will you ensure only those who have a legitimate right to access the data can do so?
• By what mechanisms will data be shared between research partners?
• If you are generating data in the field, how will you ensure its safe transfer to UWE Bristol secure systems?

Collecting personal data and complying with data protection

The General Data Protection Regulation (GDPR), implemented in the UK by the Data Protection Act (2018), states that there must be lawfulness, fairness and transparency in relation to any data subjects.
Use this section to consider how you will ensure that this data principle is upheld. Please refer to the Data Protection Research Standard (intranet only) for information.

If you are working with human participants

• Outline how you will ensure you comply with the principles of accuracy and minimisation of data collected.
• Outline how you will ensure that data is kept in a form which permits identification for no longer than is necessary (storage limitation under GDPR).
  Where data needs to be kept in this form for a longer period of time (for example, clinical trials data) please justify that here. Consult the Data Protection Research Standard (intranet only).
• Please set out here whether you have conducted a Data Protection Impact Assessment (DPIA) (staff intranet), and any necessary subsequent action. If you do not need to conduct a DPIA, please justify this here.

• Please see Export Controls Regulations Guidance.
• If your research data may have a “dual use” or potentially be used in weapons of mass destruction (such as certain materials or algorithms) then you must set out here how you will ensure that you comply with the relevant regulations.
  Please note: the consequences of a breach of Export Controls can be extremely serious, so if you are uncertain, seek guidance from your College Management.
• In relation to other legislation and regulations, are there any specific implications for your research data? If so, please set them out here.

Who owns the IPR of any data collected or created?

• In the case of partnership working, is this covered by a collaboration agreement?
• In the case of derived products (including derived datasets), who owns, controls and has permission to use these?
• Are the measures you have set in place in relation to the research data appropriate to protect IP and not infringe third party IP?

Refer to The UWE Bristol Policy on Intellectual Property (PDF) for information.

Researchers are encouraged to think about preserving their data and, where appropriate, making it available for sharing and re-use. Some funders and publishers have specific requirements relating to data retention.

Please explain here:

• How you will decide which datasets to keep beyond the end of the research.
  Include the reasons for your decisions and be clear how this relates to participant consent if you are working with human participants.
• How long will you keep data.
  • Are you using a schedule from a funder/publisher?
  • Outline if there is any data which must be securely destroyed during, or at the end of, the research and how this will be achieved.
• Where any data to be preserved will be deposited.
  For example, in an established discipline specific, or other, national data repository, or in UWE Bristol's data repository.
• If you do not plan to use a data repository, explain how your data will curated and preserved beyond the end of the research, or why and how it will be securely and safely disposed of.
• If and how you intend to share your research data for re-use.
  If appropriate, note how participant consent allows for this.
• Note any access limits to the data.
  For example, does your data contain personal information about research participants that requires access controls, or are you working with an external collaborator?
• State at what point you plan to share your data, if you plan to do this.
  • Will there be an embargo period?
  • Do you have a funder that has a specific data release schedule?

If it is not appropriate to share your data, state why here.

For further information, see guidance on Preserving, Sharing and Disposing of Research Data.

Outline the proposed arrangements if any member of the research team leaves the University

Please note: no student or staff member is permitted to remove data from the University without the permission of the data owner. This is the Pro-Vice Chancellor Research and Business Engagement, delegated to College Deans. This permission will only be granted where it is consistent with the University’s interests and legal and ethical obligations.

The UWE Bristol project manager has overall responsibility for enacting the research data management plan, but others such as other UWE Bristol research team members, external collaborators, or other third parties will have a role to play. Please set this out here:

• What are the different roles within your research team - at UWE Bristol and/or external collaborators, in relation to the data?
• Do others have a role in relation to research data - for example, data gatekeepers, archivists, personnel in other organisations who are not part of the research team.
• Have formal agreements been set in place by the Contracts team - as appropriate, with research funders, collaborators or other partners?
• What are the different roles within your research team in relation to the data?
• How these roles, including the UWE project manager, will be fulfilled in the case of a significant period of unanticipated absence (such as sickness leave, or a member of staff leaving at short notice).

Outline any resources you will need to fulfil your plan

Consider, for example:

• equipment needs - such as an encrypted UWE Bristol laptop or recording device
• long-term storage provision - including resource to pay for it
• transcription costs
• staff time - to ensure data is properly handled
• encrypted additional hard drive or other additional storage
• training or additional staff expertise
• preservation costs - including time for preparation for archiving
• costs associated with any third party data.

See the UK Data Service guidance on costing data management for further guidance.