Skip to Main Content

Research Data Management: Restricting Access to Data

Restricting Access to Data

There are some legal reasons for not making data publicly available. Some of these have to do with the nature of the data itself (e.g., the data is confidential or otherwise sensitive). In contrast, others result from the nature of the research process (e.g., researchers may still be working on their primary analysis or intending to seek a patent). 

However, even if data cannot be shared openly or shared immediately, this does not mean it cannot be shared at all. The sections below explore some of the options for restricting access to data that has been deposited in an archive.



It is generally acknowledged that researchers are entitled to a period of privileged access during which they can work on the data before making it available to others. However, if this period extends after the formal end of a project - because researchers are waiting for publications to appear, for example - the point at which the data becomes shareable may occur when researchers have already moved on to other endeavours. This is at best an annoyance, and at worst may make sharing significantly less likely to happen.

A convenient solution to this problem is to deposit a copy of the data with an archive which allows data to be placed under a fixed term embargo. This typically means that a metadata record will be available for the data, but the data itself will not be downloadable until the embargo has expired.

Another advantage of this approach is that the data is citable even before it is publicly available, and thus can be referenced in research publications and data availability statements.

The length of embargo that is deemed appropriate varies between disciplines and between funding bodies. Funders frequently stipulate that data should be made available as soon as possible; some specify a particular time frame (which can sometimes be shorter than researchers would like it to be), though there may be room for negotiation if there are good reasons to delay.



Access Controls

Some data archives can accommodate a range of different access restrictions. Common access controls include:

  • Requiring users to register and agree to a standard set of terms and conditions before accessing the data
  • Requiring users to submit an application explaining their intended purposes before access is granted
  • Permitting users to view the data only in a secure location after having been vetted and have received training in its appropriate use

However, provision in this area varies considerably: not all archives can offer all the options listed above, and some may offer others. It is thus important to investigate what is available from archives for data in your discipline at an early stage so that you can plan for ultimate sharing with this in mind.

For an example of a repository offering multiple access tiers, see the UK Data Service's page on Access Control. The UK Data Service uses the Five Safes framework: a set of principles designed to enable data services to provide safe access to data.

Some archives may ask you to nominate a data steward. This person can take responsibility for answering questions (and, where appropriate, making decisions) about your data if you cannot be contacted. If possible, it is better to nominate the holder of a particular post rather than a named individual. Some departments and units may have a designated data steward, or there may be a senior researcher (e.g., the head of a research group) who would be well-placed to take on the role; otherwise, a departmental administrator or subject librarian may be a good option.