Publishers and research funders increasingly require researchers to find a way to provide access to their research data, even if that data initially includes personal or sensitive information. In many cases, if sensitive data is effectively anonymised or modified, it will be suitable for publication.
Two broad options exist in the sharing of sensitive data after any modification has taken place, depending on the level of risk remaining: Where there is negligible risk of identification and appropriate consent is in place (e.g. participant consent or permission from a commercial partner), data may be made openly available either in whole or in part online, along with a metadata record, allowing others to discover, use and then cite the data.
Where some risk remains, or explicit consent is not in place, data may be made available via a form of controlled access. A publicly available means of alerting potential re-users to the existence of the data is still required; this is often done via the open publication of a metadata record providing potential re-users with information about the nature of the dataset and how to apply for access. When depositing data in any data repository, it is important to establish whether the process of granting access is managed by you, as the data creator, or by the repository.
Where controlled access is necessary, a data repository should be used that ensures data re-users are genuine researchers and that they agree to certain conditions of access. Potential data re-users are typically required to:
Question: Which of the following would be valid reasons for some form of restricted access to data?
1. The research participants were not asked explicitly whether they would consent for their anonymised data to be shared.
