The following list can be used as a checklist at the end of a research project:
- Publication and peer review
- What is stated in your Data Management Plan?
- Open Science Policy at SDU
- Storage and deletion
In connection with publication, you may find that you have to consider whether in your research project you have processed personal data in accordance with the rules. In such cases, you can use a standard passage prepared by SDU RIO.
Please also be aware that the publication of research data containing personal data can only take place with the explicit and informed consent of the data subjects. If you need to publish research articles that contain personal data, please contact SDU RIO for guidance. In this connection, you may consider whether it makes sense to publish metadata of the project data without publishing the data themselves. Data are made searchable that way, and you have the opportunity to make other researchers aware that the data exist. If you need guidance on this, please contact RDM support.
When conducting a peer review of other researchers’ articles, you should pay special attention if the material contains personal information. This information must be stored and processed securely and must always be deleted after the review has been completed. SDU recommends Nextcloud in this regard.
At the end of the research project, you need to look at your Data Management Plan again. Here you must especially check the end date and what should happen to the data at the end of the project – for example, are the data to be deleted, transferred to the Danish National Archives or anonymised?
If the data are to be anonymised, it is important that they are anonymised in the sense of the data protection law. You can read more about pseudonymisation and anonymisation of data here. If you are in doubt as to whether data are anonymised in the sense of the data protection law, you can ask SDU RIO for guidance.
In March 2018, the Executive Board adopted an Open Science Policy at SDU. The policy includes Data Management Plans, open research data and Open Access to scientific publications. Sharing research data is absolutely central to Open Science, and thus also to the Open Science Policy, and aims to benefit other researchers, society and help make research transparent.
Anonymised data can be made available to other researchers, e.g. in a data repository. See an overview of data repositories here. Please note that data that have had civil registration numbers removed or encrypted are not considered anonymised in the sense of the data protection law and can therefore not be published.
Usually, you get permission to store the personal information for 5 years after the end of the project, so that you can subsequently document your results. The five years follow the recommendation in the Danish Code of Integrity in Research. The fact that you are allowed to store the information does not mean that you can use the information actively (for example for new research) during the storage period. SDU RIO will contact you 3 months before and again 1 month before the expiration of the 5 years. Afterwards, the personal information will be deleted unless they have previously been transferred to the Danish National Archives or anonymised.
If you want to reuse the personal information in a new project, you must notify the new project to SDU RIO and get permission to reuse the personal information processed at an earlier time.