On September 24th the Library & Archives Service and IT Service organised a 90 minute seminar on dealing with information security and open access requirements in research project on September 24th. The purpose of the session was to demonstrate how research projects could address conflicting requirements for keeping information secure and making it available for access and use, through adoption of a considered approach to data management.
The session began with a presentation by Gareth Knight titled ‘Keep your research secure and address Open Access obligations‘. He began by examining the legal, funding, institutional, and domain requirements that influence a research project and considered how they change over time. The proposal development stage, for example, has evolved to incorporate ethics approval, peer review of proposal abstracts, and Data Management Plans activities. He noted that it can be difficult for projects to keep up-to-date with evolving needs/requirements, particularly in longitudinal studies and other long-term projects working to an established project plan. To enable research projects to identify evolving needs/requirements and adopt an appropriate response, he recommended that projects perform a SWOT or Gap Analysis every 6-12 months.
Marion Rosenberg’s presentation on ‘Keeping Personal and Sensitive Data Securely‘ explored requirements for protecting data from unauthorised access. Although requirements for information security are based around the Data Protection Act, she emphasised there was a need to keep all data secure. This requires projects to take a holistic approach, ensuring that all components of the research process – data, systems, and people – are managed with consideration of security requirements. The people component, she noted, was often overlooked. Security holes can be created through basic oversights, such as failing to lock or log-off a computer before leaving it unattended. Marion went on to speak of the financial, reputational, and capability implications if personal information is lost, damaged, or made available and the actions that may be taken to address risk factors.
Andrew Gray gave a presentation on ‘Making Research Open Access‘ which examined the issues surrounding OA. He examined the benefits of making research freely available, moving on to describe different types of Open Access and licence models. The presentation concluded with a description of support available within the School and services that may be used to host research papers.
Finally, Gareth Knight gave a presentation titled ‘Shareable by Design‘, which explored how researchers can make better use of their research through making it available. He began with an overview of the benefits of data sharing, noting its role in meeting funder requirements, improving the author’s research impact, and enabling better research in the broader community. This was followed by a description of a 5-layer model for sharing research data, focusing upon steps to enable data to be found, obtained, accessed, used, and cited.
To conclude the session, the presenters reflected on the statement that developments in open access and data sharing conflict with the need to keep information secure. It was recognised that health data needs to be kept securely during the development process, but this should not preclude the possibility of making it available at a later date. An anonymised subset can be released following project completion, if the project have addressed IPR issues through participant consent/collaboration agreements and performed activities to anonymise and document the data.