If your research data is considered sensitive, it means that you will have to consider a range of guidelines and regulations as you manage it. It doesn’t necessarily mean that you won’t be able to publish your research data.
What is sensitive data?
Data is considered sensitive if it can be used to identify an individual, species, object, or location in a way that introduces a risk of discrimination, harm, or unwanted attention.
The main categories of sensitive data are:
- personal data
- health and medical data
- ecological data that may place vulnerable species at risk
- geographic data that show the location of a sacred site.
What do I need to consider when handling sensitive data?
Make decisions about the handling of your sensitive research data before the start of your project. Take some time to find the best option to keep your data safe at all times. Should you decide to de-identify your data, it will save you time later to make provisions for it from the start.
You need to take extra precautions when storing sensitive research data. This guide provides information about the University’s data storage options.
Sensitive data should always be encrypted or password-protected. Never send unencrypted sensitive data via e-mail.
Avoid storing sensitive data on a personal computer or an external hard drive, as there is a risk of them being stolen or lost.
Can I still publish sensitive data?
Consider the advantages and disadvantages of publishing your research data. In most cases, the benefits, such as broader reach and possible citations, outweigh the additional effort and risks involved.
De-identified sensitive data is not considered sensitive anymore and can be published.
If de-identifying your research data is not an option, consider publishing the metadata of your dataset. This will mean other researchers can learn that it exists and approach you to collaborate in a way that fulfils the data’s sensitivity requirements.
Make sure to comply with the University's Information Classification and Protection Guideline.
This decision tree will help you determine whether you can publish your research data.
Further information and tools
Sensitive Data Decision Tree on the ANDS website: http://www.ands.org.au/__data/assets/pdf_file/0010/385309/sensitive-decision-tree.pdf
Sensitive data Guide on the ANDS website: https://www.ands.org.au/__data/assets/pdf_file/0010/489187/Sensitive-Data-Guide-2018.pdf
ANDS De-Identification Guide (with a helpful visual guide on page 2): https://www.ands.org.au/__data/assets/pdf_file/0003/737211/De-identification.pdf
IQDA Qualitative Data Anonymizer: The Irish Qualitative Data Archive's data anonymization tool: https://sourceforge.net/projects/datatool/
More information about laws and regulations for the protection of personal and health data: https://med.data.edu.au/personal-health-data-and-research/#it_system_requirements
Source: ANDS: Publishing and sharing sensitive data, https://www.ands.org.au/__data/assets/pdf_file/0010/489187/Sensitive-Da…