When storing and sharing research data we have the following recommendations to ensure you comply with Data Protection and GDPR.
A robust Research Data Management Plan (DMP) is required to demonstrate and ensure:
A DMP aims to address the dual objectives of making research data accessible to the public or wider academic community where possible whilst recognising that there are circumstances when access to research data must be restricted, either to achieve the highest standards for secure research data management or to fulfil commercial objectives.
In addition it is often required that you anonymise your data. Anonymisation of data is required to ensure the confidentiality of any participants. It will always depend on the context of your research and data being collected as well as any plans you have for sharing the data. In the world of open data there are other issues with respect to possibility to link data sets. You should carefully consider these aspects in the process of planning your research.
Your ethical review will be likely to benefit if you can show a research data management plan that covers the data lifecycle (collection, analysis, retention and/or disposal), ensuring that this is compliant with all current legislation.
The University of Southampton Library has a specific portal providing guidance and information on all aspects of research data management including security of data and sensitive data: