Skip to Main Content

Research Data Management: Ethical Issuses& Confidential Data & Data Protection

Ethical Issuses

If your research project involves human participants, personal data, and/or regulated material and procedures, it must be reviewed and approved by an ethics committee before the research begins. 
Any research data relating to human participants will need to be carefully managed. This may include using suitably secure storage (transferring data securely when moved) and placing appropriate restrictions on who can access the data. It is also important to ensure participants have full information about how their data will be used - and, of course, that any assurances made are acted upon.
The UK Data Service offers a Research Data Management guide that covers (among other things) ethical issues, data protection, and anonymization. Please also see CUREC’s Best Practice Guidance, especially BPG 06 (Internet-mediated research), BPG 09 (Data collection, protection and management), and BPG 10 (Conducting research interviews).

Confidential Data

Much research data – even sensitive data – can be shared legally if researchers employ strategies of informed consent, anonymization, and controlling access to data.

Anonymising data

Preserving the privacy of participants

Anonymization is a valuable tool that allows data to be shared while preserving privacy. Anonymizing data requires that identifiers are changed in some way, such as being removed, substituted, distorted, generalized, or aggregated.

A person’s identity can be disclosed by:

  • Direct identifiers such as names, postcode information, or pictures.
  • Indirect identifiers, when linked with other available information, could identify someone, for example, information on workplace, occupation, salary, or age.

Balancing anonymization with keeping data useful

You decide which information to keep for data to be useful and which to change. Removing key variables, applying pseudonyms, generalizing and removing contextual information from textual files, and blurring image or video data could result in missing important details or incorrect inferences being made.

Anonymizing research data is best planned early in the research process to help reduce anonymization costs. It should also be considered alongside obtaining informed consent for data sharing or imposing access restrictions.

Personal data should never be disclosed from research information unless a participant has consented to do so, ideally in writing.

Below are links to web pages containing best practice guidance on anonymizing data:

Anonymising qualitative data


Anonymising quantitative data


Anonymisation step-by-step


Data Protection

Researchers obtaining data from people are expected to comply with the relevant legislation, such as data protection legislation (e.g., GDPR and the KVKK). Assessing disclosure risk can help to apply best practices of gaining consent, anonymizing data, and regulating access to enable data to be shared.

Some ethical issues, such as the duty of confidentiality, are legally binding.

Below are links to web pages which give further information on legal obligations and practical guidance on how to address this:

=> Access Control

=> Data Protection Legislation

=> Personal Data Protection Authority (KVKK)

Source: UK Data Service