Skip to Main Content

Data Management and Sharing Plans

This guide will take you through each of the elements you need to consider when creating a data management and sharing plan

Data backup and security

Data backup

  • ​Make 3 copies (e.g. original + external/local + external/remote)
  • Copies should be geographically distributed (local vs. remote) and may include personal computer hard drives, external hard drives, departmental or university servers. CDs or DVDs aren’t recommended, because they fail frequently. Tape backup system Cloud storage: several commercial options are available; each have different requirements, encryption, and storage fees

Data security

Unencrypted security is ideal for storing your data so that you and others can easily read it, but if encryption is required because of sensitive data:

  • Keep passwords and keys on paper (2 copies) and in a PGP (pretty good privacy) encrypted digital file.
  • Don’t rely on 3rd party encryption alone.

Uncompressed is also ideal for storage, but if you need to do so to conserve space limit compression to your 3rd backup copy.

To make sure your backup system is working properly, test your system periodically. Try to retrieve data files and make sure you can read them.

Need more help? The UK Data Archive provides additional guidelines on data storage, backup, and security. Princeton Research Data Service also provides a really helpful and in depth guide on Data Security.

Data Ethics (video)

This short video provides an introduction to data ethics - "the evaluation of moral problems related to data, algorithms, and corresponding practices in order to formulate and support morally good solutions." (National Center for Biotechnology Information). It is helpful to consider data ethics from the start of your project and particularly as you plan out how you will collect and manage your data.

Using Data Ethically (video)

Data ethics are important to think about as you make decisions on how you will acquire, process, disseminate, use, store and dispose of data throughout the research data lifecycle. This short video covers information you need to consider to use data ethically while completing your research (and personally as you share your personal data with others!).

Confidentiality and Ethical Concerns with Sharing Data

Before you archive and publish your data, you need to consider the confidentiality requirements to protect your research participants. When drafting your Data Management and Sharing Plan, you can do the following to ensure confidentiality:

  • Evaluate the anonymity of your data: Consider to what extent your data contains direct or indirect identifiers that could be combined with other public information to identify research participants. 
  • Obtain a confidentiality review: If you are depositing your data with ICPSR one benefit their staff offers is a Disclosure review services to check your data for confidential information.
  • Comply with regulations for health research set out by the Health Insurance Portability and Accountability Act (HIPPA)

To ethically share confidential data, you may be able to:

  • Gain informed consent for data sharing
  • Anonymize the data by removing identifying information. Note: any dataset with enough data points always present some risk of deidentification. 
  • Restrict the use of your data. Some repositories allow for restrictions to be placed on who can access your data. ICPSR for example, has a sample Restricted Data Use Contract and Restricted-Use Data Management Guidance. Note: be careful not to restrict your data so severely that it is no longer usable by others.