Expand All

Research data management is an umbrella term covering how you organise, structure, store, and care for the digital information generated or used during a research project. It includes advance planning of how data will be managed, how data is handled on a day-to-day basis during the active phase of the project, and what happens to the data once the project has concluded.

Good data management helps make the research process more efficient, and can save you time and reduce stress. It also can also help with maximising your data's full potential, and enable you to get full credit for the work done.

For more about data management and its benefits, see the About data management section of this site.

It's important to start thinking about research data management at an early stage. This includes both how data will be handled on a day-to-day basis during the active phase of the project, and what will happen to it in the longer term. There are many aspects of data management which are relatively straightforward if they're planned for from the beginning, but much harder (and far more time-consuming) to do retrospectively.

For example, keeping clear records of how data has been processed is much less arduous if this is incorporated into your regular workflow. If your research involves human participants or personal data, you need to plan for handling the data properly, and to decide what you’d like to do with the data and obtain participants’ informed consent for this. Preparing data for preservation or sharing after the project concludes will be easier (and less likely to get sidelined in the end-of-project rush) if this has been thought about and factored in from the start.

The best approach is to make a data management plan. Your funding body may provide a template for this (data management plans are frequently required as part of a grant application); a number of more general templates also exist. DMPonline is a free tool that you can use to build a data management plan.

For more on this subject, see the Data management plans section on this website, or look at some of the resources related to data management planning in the Tools, services, and training section.

Data management tasks

Expand All

You may have access to storage space on a server in your department, or to other local storage systems: consult your local IT support staff to find out what's available.

Centrally provided storage options include OneDrive for BusinessTeams (both part of the Nexus365 suite of tools), SharePoint Online, and the LabArchives electronic lab notebook service. These have all been approved by the Information Security team as suitable places to store University data, including confidential data. For more details, see the Keeping working data safe section of this website.

Researchers should be cautious of third party commercial cloud storage, especially for personal or otherwise sensitive data, as these may not always offer adequate security, and may not always be GDPR compliant.

Researchers are strongly encouraged to consider preserving their data at the end of a research project. In particular, the University's Research Data Management Policy states than any data underpinning outputs (such as journal articles, theses, or presentations) should be retained for as long as it has continuing value, and for a minimum of three years.

ORA is the University of Oxford's repository for research outputs, including data - it offers long-term preservation for non-sensitive research data.

Many national and international disciplinary archives also exist. A catalogue of over two thousand of these is available at Re3dataFAIRsharing also offers a registry of knowledgebases and repositories for data. Researchers who deposit a copy of their data in an external repository are encouraged to add a metadata record (pointing to the deposited copy) to ORA.

DigiSafe is another University service which offers secure long-term archiving for digital material. However, DigiSafe is chiefly intended for material which needs to be preserved, but which cannot be made publicly available: it is a suitable home for sensitive data.

Some departments and units offer local solutions for long-term data preservation: consult your local IT support staff to find out what options exist.

For more on this topic, see the Post-project data preservation section on this site.

Two survey platforms are available free at the point of use to all University members: Jisc Online Surveys, and Microsoft Forms. Other tools are available to specific groups within the University: for example, the Medical Sciences Division runs an instance of REDCap for its members, and some departments subscribe to Qualtrics.

Researchers should be cautious of using third party survey platforms via a personal account or subscription, as these may not have passed the Information Security team's Third Party Security Assessment, and they may not store survey data in a way that is GDPR compliant. The IT Services Survey Advice Service can provide advice about selecting a suitable platform.

If the survey is for research, you will need to apply for ethics approval.

See the Data collection section of the Data handling and acquisition page on this site for more detail.

This is not a straightforward topic: there are few third party services offering the requisite functionality which have also been approved by the Information Security team for use with confidential data.

If a personal device is used for recording interviews, it should be encrypted if possible. Where this is not feasible, the recording should be transferred to encrypted storage as soon as possible, and the original unencrypted copy deleted.

One possible option for transcription is Microsoft Stream, which is available as part of the Nexus365 suite of tools.

For more of this topic, see the Data collection section of the Data handling and acquisition page on this site.

The University's Information Security team offers guidance on how to secure your research information.

One way to keep data safe is to store it in a secure system. Some departments or other units provide secure storage space for their members. The University also has a number of centrally provided services which have been approved by the Information Security team as suitable places to store University data, including confidential data: for example OneDrive for BusinessTeams (both part of the Nexus365 suite of tools), SharePoint, and the LabArchives electronic lab notebook service. These are all automatically backed up.

If you opt to store data on your own device, you may need to think about encrypting it. You will also need to ensure you have a proper backup routine in place, for example using the University's HFS service.

For more on this topic, see the Keeping working data safe section of this site.

Policies, processes, and compliance

Expand All

If you're dealing with personal data (that is, information about living identifiable humans), you'll need to ensure that your data handling practices are compliant with GDPR. You can find out more on the Data Protection and Research and Information Compliance websites.

Any research involving human participants will need to go through the University's ethical review process: see the Research Ethics section of the Research Support website for more details. You will also need to follow the Data Protection by Design framework, unless your project is a clinical trial that meets the criteria for sponsorship review by the University's Research Governance, Ethics and Assurance team (RGEA).

If your data is confidential or otherwise sensitive, you'll need to make sure you have adequate data security in place. See the Keeping working data safe section of this site for more details.

For more about handling confidential or sensitive data, see the Ethical and legal issues section of this site.

Research Data Oxford is an advisory group: we aren't able to approve or sign off specific tools or processes.

If you need to establish whether a particular service is sufficiently secure to be used for University data, you'll need to contact the Information Security team: their Third Party Security Assessment is designed to do just this.

If you are working with personal data, you'll need to work through the University's Data Protection by Design framework. This is administered by the Compliance team, and is designed to help establish the risk level of a given activity, and then to indicate the things that will need to be considered and the steps that need to be taken. This will help establish whether specific third party tools can be safely and compliantly used.

While Research Data Oxford isn't able to grant approval directly, we are happy to help you work out who you will need to contact, and to advise on possible approaches.

Overall responsibility for a project's data management plan usually lies with the Principal Investigator. The PI will generally be the person with the fullest knowledge of the project's aspirations, and hence is usually be best placed - perhaps with input from other project team members - to describe the data and the way it will be used.

If you need some assistance with the more technical aspects of data management, then the Research Data Oxford team is happy to help. Please email the team if you'd like to arrange a meeting; you can also send a draft copy of your data management plan to the team for feedback.

If you're wondering how to get started, DMPonline is a web-based tool that provides templates for data management plans, along with guidance on completing these.

Section 7 of the MRC's data management plan template includes spaces for links to a number of policies.

MRC Data Management Plan section 7

Screenshot of MRC DMP template

These may be policies which apply at institutional, departmental, or study level. A few suggestions for institutional policies are given below, but you will also need to check whether there are local policies which it would be appropriate to include.

Bear in mind that the purpose of this section of the form is to demonstrate that you are familiar with the policies which apply to your research. To give your application the best chance of success, it's therefore important to ensure you have read the policies and selected those which are most relevant (for example, a policy which deals exclusively with handling personal data will be less relevant if your project does not involve any data of this sort). It may also be helpful to state the steps you will take to comply with the policies elsewhere in the DMP.

Data Management Policy & Procedures

You could also include a link to the Research Data Oxford website. Most of the site content is guidance rather than policy, but this indicates that you're aware of the advice provided by your institution.

Data Security Policy

Data Sharing Policy

Oxford doesn't have a separate institution-wide policy on data sharing, but the main data management policy encourages data sharing where possible and appropriate.

As noted above, you could also include a link to the Research Data Oxford website, or to a specific section of it, such as the one on Sharing data.

Institutional Information Policy

Oxford does not have an institution-wide information policy (as distinct from the information security and data protection policies linked to above). However, there is a divisional policy which is likely to be relevant to projects applying to the MRC for funding:

Training and support

Expand All

A range of training courses relating to various aspects of research data management is offered by the University.

For more about training provided by both the University and other groups, see the Tools, services, and training section of this site. 

The Research Data Oxford team is a cross-departmental group of support staff providing advice and assistance on all matters RDM-related. If you have questions that aren't answered by this website, or if you'd like to make an appointment to talk about your specific requirements, get in touch by emailing researchdata@ox.ac.uk.

Further help may also be available to you within your department or division - for example, via local IT support staff or research facilitators.