Suggestions on survey tools suitable for researchers, including training courses and licence.
Survey tools are commonly used to collect personal data and use third party-provided software to facilitate this. Some survey tools can be hosted on UCL Information Services Division (ISD) infrastructure without the need for third parties processing UCL data. If you use a third party to process personal data you should follow the guidance here and be aware that UCL Data Protection Policy requires a contract in place between UCL and the third party before the processing begins.
UCL staff (but not students) may use UCL Opinio, hosted on UCL ISD infrastructure, to collect data and can be assured that their data will be managed in line with ISD standards - this does not mean it is safe necessarily to collect personal data in this way but one benefit would be that a data processing agreement would not be required.
Should you require a survey tool that provides protection for highly confidential information, please use REDCap in the Data Safe Haven. Please contact us if you want further information about how this fits with your research workflow. To apply, please check if you already have a Data Safe Haven project. If not, you will need to apply for the Data Safe Haven project along with REDCap.
There is a second installation of REDCap on UCL standard services. You can use this for information that is not highly confidential and to configure surveys outside of the Data Safe Haven and for testing which is then to be used only once moved into the Data Safe Haven for collecting personal data. To apply for this, please see the REDCap service page.
Using other survey tools
Survey tools used in research are often required to provide features that are not available through any of the above service providers. However, when using third party survey tools to process highly confidential information (see guidance Understand 'highly confidential' information), researchers should not try to collect identifiers such as names and email addresses as well as special category personal data in the same place, even where that special category data is pseudonymised - pseudonymisation requires adequate separation between identifiers and any data you are trying to protect, so if a single login ID can be used to link both data sets, then in fact the pseudonymisation has not been correctly applied.
For research using special category personal data and other highly confidential information, we recommend using REDCap in the Data Safe Haven to collect identifiers such as email addresses and names. If third party survey tools are to be used, REDCap can be used to issue a study ID number to participants and this should be used to marry up survey data between the identifiers in REDCap and the third party survey data.