Published May 28, 2024 | Version v1
Publication Open

Additional instructions for planning the management of confidential and personal data

Description

Note: Instructions in Swedish can be found here: https://doi.org/10.5281/zenodo.12566606

Introduction

These instructions offer additional guidance for planning the handling of confidential and personal data, and are to be used alongside the general Finnish DMP guidance. Confidential and personal data may often be referred to as sensitive data.

Note that research organisations provide guidance for researchers on complying with the principles of data protection and information security. Please familiarise yourself with your organisation's data management guidelines and, if needed, contact your home organisation's support services.

We have arranged the instructions under each numbered section of the data management plan (DMP) so that you will first find the guidelines on what to write in each section, then practical Tips for best practices to ease the writing process, and finally some useful Links concerning that specific section.  

The data can include both confidential data and personal data. These data types are described below.

Types of confidential data:

·      Data that are confidential or secret based on legislation (such as national defense)

·      Data that are trade secrets (e.g., innovations that may lead to patents)

·      Data that are under a non-disclosure agreement

·      Sensitive species data, such as data concerning endangered animals and plants, data related to nature conservation or biosafety

·      Data that are confidential by agreement between partners (such as unpublished research data, data from business partners)

·      Unpublished research data

Types of personal data (all data from which a person can be identified either directly or indirectly):

·      Direct identifiers: These can include a name, phone number, personal identity code, image, audio, fingerprint, dental chart or MRI image.

·      Indirect identifiers: Examples of these are gender, age, education, professional status, nationality, location data, career history, system log data, marital status, place of residence or vehicle registration number.

·      Special categories of personal data are any data whose disclosure could harm the study subjects. They are related to health, sexual orientation, ethnic background, trade union membership or religious conviction. In the General Data Protection Regulation (GDPR) their processing is heavily regulated.

·      In addition, there can be other types of personal data that are sensitive by nature. The parties carrying out the research are responsible for identifying these data, such as information about the use of social welfare services and status as a debtor, among other things.

Note that when handling any kind of personal data, you must acknowledge and address the seven principles of the EU's General Data Protection Regulation in the different sections of your DMP. 

Note that there are different levels of confidentiality. For example, there are different categories of personal information (personal data and special categories of personal data), which require different kinds of management. The same applies to all confidential data. Please check your organisation's guidance on information classification and information security.

Links

Files

ENG-Confidential_PersonalData_Final.pdf

Files (812.1 kB)

Name Size Download all
md5:a65319c2c39c4f26cebd2a4ea1c08afa
57.5 kB Download
md5:0d1725db76fdafd07b872891d203634b
355.3 kB Preview Download
md5:e22c8b93346daaa3befc6d5b0b6be1f2
56.8 kB Download
md5:e3478dea6fa4537ad8d3d4fb8e855566
342.5 kB Preview Download

Additional details

Additional titles

Translated title (Finnish)
Lisäohjeet aineistonhallinnan suunnitteluun aineistolle, joka sisältää luottamuksellista tietoa tai henkilötietoa

Related works

Is version of
Publication: 10.5281/zenodo.12566606 (DOI)