GDPR requires that the risks related to the processing of personal data be assessed before any such processing. Familiarise yourself with the data protection and risk management guidelines of Tampere higher education community and consider the following:
After completing the assessment, verify with the Data Protection Officer of the University whether your data requires an impact assessment in accordance with the GDPR. Data Protection Officer can be reached at firstname.lastname@example.org.
Please also find out whether the funder of your research, owner of the data or any other external party has any claims concerning the data.
Collecting and processing special categories of personal data (or “sensitive data”) is possible for scientific or historical research purposes or statistical purposes (article 9, EU’s General Data Protection Regulation). Special categories of personal data include:
When sensitive data belonging to special categories are collected, consent must be explicit. Sensitive data also requires specific protection because there is a significant risk to the fundamental rights of the individual. In the data management, actions intended to minimise the risks of revealing sensitive information must be taken care of during the entire data lifecycle.
Photo by rawpixel.com
Intellectual property rights affect the way you and others can use your data. Consider at the early stage of your research
Copyright is regulated by the Finnish Copyright Act (pdf), but research data are not always protected by copyright, because it seldom meets the criteria for originality. Research data, can however, include parts that are protected by copyright. Especially if you use third-party data, copyright issues and permissions to reuse the data must be considered.
Copyright (Finnish Social Science Data Archive)
It important to agree on who owns the data in order to avoid possible conflicts about the usage rights to the data. Data ownership issues should always be agreed upon before the collection process begins. If ownership issues have not been considered early enough in the research life cycle, sharing and reusing the data may become impossible.
Patent is a form of legal protection for intellectual property. It gives its owner exclusive right to an invention, therefore excluding others from making, using, selling and importing that invention. To be patentable, an invention must be new, involve an inventive step, and be industrially applicable.
If your research data contains personal data, plan your research data management with special care. Personal data means:
any information relating to an identified or identifiable natural person (‘data subject’); identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (EU’s General Data Protection Regulation).
According to Tampere higher education community's Data Protection policy (Tuni intra) the the basis for collecting, processing and storing personal data for research purposes must always be described in the research plan and in the data management plan.
Remember these when collecting and processing personal data:
For more information, please contact email@example.com
Read more: Anonymisation and Personal Data (Finnish Social Science Data Archive
Responsible conduct of research and good scientific practice should be followed at all times. Each researcher and research group member is responsible for ensuring that their research complies with the generally accepted ethical principles. Ethical review is needed in precisely defined research configurations. See more at Finnish National Board of Research Integrity.
Ethical commitees in Tampere:
There are several national advisory boards which promote and review ethical issues of research:
the researcher complies with the standards set for scientific knowledge in planning and conducting the research, in reporting the research results and in recording the data obtained during the research.