Last week we informed you about handling personal data in education. Information is also available about the use of personal data within scientific research. You can find this on the Cyber Safety website.
The information on this website consists, among other things, of a guideline, poster, manual and register of processing:
- The guideline is intended as a guide to help you handle personal data in scientific research;
- The poster gives an overview about what must be taken into account before, during and after the research and how to work safely;
- The explanation of the poster is included in the manual;
- The register of processing is a registration tool for processing personal data in our organization.
Use the registration tool if you process personal data in your research
The General Data Protection Regulation (GDPR) obliges the UT to have a complete and up-to-date register of all processing of personal data in our organization. To comply with this documentation requirement, a registration tool has been developed. If you process personal data in your research, you must use this tool to report it, both for new and running projects. Note that pseudonymized data (through coding personal data) are not considered anonymous and need to be registered as well. Only research data which are completely anonymous from the start, fall outside the scope of the GDPR.
Draw up a Data Management Plan prior to the start of a research project
Prior to the start of a project, it has to be determined how the research data obtained is dealt with during and after the project. Researchers must draw up a Data Management Plan. Many funding programs have their own model, but the UT also drafted a template. More information regarding data management can be found on the LISA website.
Safely store your research data via UT storage
The UT storage (M- and P-drive) is certified according to the ISO27001 and NEN7510 standard (information security management in healthcare). Research data can be safely stored in a directory with restricted access. Also, you can safely share your sensitive research data with other researchers within your project via SURFdrive.
If you have any questions about the GDPR and research, you can contact the Data Protection Officer team through dpo@utwente.nl.
Kind regards,
Library, ICT Services & Archive
Data Protection Officer team
