back to resources

Collecting and Managing data

OPEN AIRE Project Data Management Plan

Data Management Plans help reviewers to understand exactly what a researcher proposes to do with the data they collect. It is a way of demonstrating that the data will be handled, legally and with integrity.

The European Commission has some very useful guidance on how to fairly manage, store and use data.

Guidelines on FAIR Data Management in Horizon 2020 (v3, July 2016)

Primarily in the European arena, the most far-reaching factor that has to be taken into account when collecting and managing data is the General Data Protection Regulation (GDPR). Enforced on 25 May 2018, GDPR replaced the EU’s previous framework on data privacy – a ‘directive’ that had been in operation since 1995. While retaining the overall regulatory approach, the GDPR has also introduced multiple new compliance obligations, including greater sanctions, compared to the previous legal framework. The idea behind the GDPR (as for the original directive) was to better regulate and safeguard personal data protection and privacy. It takes more account of data gathering and management for research purposes, but leaves a great deal still open to interpretation. Nevertheless, this appears to set an international standard for legislation enacted by Member States and beyond the European area. The situation can change frequently so, if you come across useful updates and/or templates and protocols, do let us know.

One of the most important actions researchers need to be clear about and research users need to check on is how anonymisation and/or pseudonymisation can best be performed. The UK Anonymisation Network offers some very useful practical guidance on how to do this in their ‘Frameworks’.

Code of Ethics for Data-Based Value Creation

The “Code of Ethics for Data-Based Value Creation” is aimed at companies and organizations that offer services or products based on data. Its purpose is to systematically address the ethical issues that arise in the creation or use of such products and services. To this end, concrete recommendations are made, based on three ethical and three procedural values and structured by the four main steps of the data life cycle.

The Code consists of the following documents:

1) Overview
2) Basics
3) Recommendations
4) Implementation
5) Context