Data management, data protection and integrity - How these link together

When conducting any research and innovation project there should be research governance and integrity checks in advance of starting the work. Some of these checks can take time and influence how you should plan your project.

It is important that your research has these checks to ensure the delivery of high quality research and to avoid potential issues later. Good quality research will uphold the highest standards of rigour and integrity and ensure that research is conducted according to appropriate ethical, legal and professional frameworks, obligations and standards. From a research integrity perspective – it’s the right thing to do!

Steps:

Usually the research governance checks should happen at project development stages (pre-award for funded research) as this involves checking the funder (if applicable), University and legal compliance of the proposed work. Integrity and ethical checks can be in development or initiation stages, but typically are at the project initiation step (post award for funded research). All these processes are interlinked but cover an aspect of a wider checking process:

Governance checks:

Governance checks are initiated at Napier through the review of a data management plan (DMP). This can be requested by sending your draft DMP to RDM@napier.ac.uk . Templates are available on the DMP intranet pages. Some funders require this as part of the application process (other related terms – data management statement, outputs management plan, data sharing). At Napier all funded projects generating data require a DMP at the project set up phase. When a DMP is reviewed it will be used to identify any potential risks to the project and University eg data protection and information security.

In order for the University to maintain compliance with its Cyber Essentials certification and other Information Services requirements there should also be a review of any data management practices which may involve the use of new or non-University managed IT hardware, software or services. University provided tools to manage/handle your data can be found here. There are forms to contact Information Services about the purchase/use of new IT equipment or software for research. For all other IT enquiries, please contact the IS Service Desk.

We encourage data protection by design for projects involving people or data from/about individuals. Since this may affect your proposed methods it is wise to start this process early. You can contact the data protection team directly at dataprotection@napier.ac.uk . They also have information and templates available on their intranet page.

Integrity:

Research integrity means conducting research in a way which allows others to have trust and confidence in the methods used and the findings that result from this. Within the University, conducting research with integrity also means meeting the professional standards expected of our researchers.

Integrity checks occur through the Integrity/ethics committees. The governance checks should be in place before you apply to your School or University level committee. Doing the Governance review first should speed up the review process for the committee as some checks will already have been completed. But also the advice from the Governance review should help you complete the various sections in the application form. Some schools are using the older Word document forms while others have moved to the online form and process within Worktribe.

Process:

We have created this document about the process for Governance and Integrity review of projects involving personal data (adapted from University of Glasgow process). Summary below: