Data security

Guidance on research data security and the measures you can take to protect sensitive data.

On

About

Research data security is essential to prevent unauthorised access, disclosure, destruction or amendment of data.

The principal investigator or lead researcher of a project is responsible for ensuring data security, the level of which depends upon the nature of individual data.

Higher levels of security are required for sensitive data, which may include identifiable personal information, pose risks to commercial or intellectual property rights, or compromise national security.

Export control legislation (staff only link) may apply if there is a risk to national security or concern about the country to which data is being transferred. Researchers should also be aware of the GDPR and its implications for research.

If you have any concerns about data security, you should contact the IT Services helpdesk (student/staff only link).


Data security options

There are a range of data security measures you can take. These include

Further security measures to protect sensitive data include

  • ensuring conditions of data providers’ consent are met

  • anonymisation techniques or data aggregation to avoid disclosure of sensitive data

  • never storing highly sensitive data on cloud services, including Google Drive, or on machines connected to an external network

  • encryption (student/staff only link) of data if remote access is necessary, including via email or file transfer

  • encryption of data transported on storage devices

Sensitive data may need to be destroyed if they are deemed to have no long-term value, or due to ethical requirements. In certain cases, data should be destroyed so that no information can be recovered.

Researchers should be aware of the University’s information security policies (student/staff only link).

More information about data security

Information security (student/staff only link)

Research ethics and integrity

Legal and ethical issues (UK Data Service)

Working from home or off campus (staff only link)

Information security for research (student/staff only link)


Access control

A number of individuals may require access to a project’s research data, potentially with different privileges to read, write, update or delete. 

IT Services research data storage (student/staff only link) provides password protection and access to collaborators within the University.

The University Google Drive can be used to give controlled access to external collaborators, with the exception of highly sensitive data.

More information about access control and collaborative research

Data security and privacy with Google (student/staff only link)

Storage options for collaborative working (staff only link)

Strategies for collaborative research (UK Data Service)

For further information, contact rdm@sheffield.ac.uk.

Ask a question

Email: library@sheffield.ac.uk

Phone: +44 114 222 7200