First determine your privacy risk categorization (and where applicable your confidentiality risk categorization) and use that categorization to determine the most suitable storage option.
| Research Drive | SURF Drive | G-Drive | SciStor | |
|---|---|---|---|---|
| Red Data | ✓ * | ✗ | ✗ | ✗ |
| Orange Data | ✓ | ✓ * | ✓ * | ✓ * |
| Yellow Data | ✓ | ✓ | ✓ | ✓ |
| Green Data | ✓ | ✓ | ✓ | ✓ |
| Blue Data | ✓ | ✓ | ✓ | ✓ |
*The files stored on this option must also be encrypted.
You will often have several data files each with its own privacy risk categorization. If you are storing all of these files in one storage option, choose the option that protects the data with the highest privacy risk category. If a data file with a higher privacy risk can be used to re-identify subjects in your lower privacy risk files (e.g. higher risk = key file & lower risk = pseudonymized questionnaires) you should:
Make use of data de-identification methods to lower the privacy risks of your data; your raw data will still need to be stored at a higher level of security, but your processed data can be stored at a lower level of security, e.g. SURF drive without encryption, if you’ve sufficiently de-identified the data.
If you are storing data on Research Drive or SURF Drive, you will need to determine how you wish to access the data and whether or not syncing to your local device is appropriate:
If you are unsure whether you are storing your data in the right location, contact the FGB Research Data Officer. If your research is particularly complex (e.g. several large datasets from a wide variety of sources), it may be necessary to have IT help you develop a data protection plan. To get in touch with the right people from IT for support with this, contact the RDM Support Desk.