Index of data protection guidance for researchers and research partners.
Background information:
Firstly, please ensure you have understood data protection at UCL and how to recognise the difference between personal and sensitive data at these links:
By topic
Research registration
- New research registration
- Amend research registration
- Privacy by design
- Public interest' as a lawful basis [pdf]
- Student lead research
- Information governance and research facilitation
Research planning
- Research ethics committee
- Data Protection Impact Assessment (DPIA)
- Writing privacy notices
- Data management planning
- Studies requiring Health Research Authority approval
- Supervisors for where students are processing personal data
- Research with children
- Copyright
Legal
- Lawful-basis for processing personal information
- Public Interest' as a lawful basis [pdf]
- De-identifying personal data (Anonymisation and Pseudonymisation)
- Unilateral confidentiality agreement [docx, template]
Security
Handling personal data
- Personal data overview
- Handling sensitive, personal & 'special category' information
- De-identifying personal data
- Sharing data
- Data management planning
- Data retention schedule [pdf]
- Deleting data securely
- Backing up important data
- UCL students processing personal data overseas
Appropriate safeguards
- Taking appropriate safeguards
- Implement safeguards against loss or corruption of research data.
- Data management planning
- Retention schedule [pdf]
Collaboration
- Appropriate safeguards
- Privacy notices
- International research
- International data transfer
- Transfers of personal data outside the EEA
- Unfunded research data sharing agreements
Templates
- Data sharing agreement template [docs] (for sharing personal data associated with non-sponsored research).
- Data processing addendum template [docx]
- Controller to controller [docx]
- Unilateral confidentiality agreement [docx]