Library Services


Storing, securing and backing up

Storing, securing and backing up your research data and study materials are key elements in the research data lifecycle.

For this reason it is important to think at the beginning of your research project how and where you are planning to store the research data you collect.

Deciding early on which data to keep, which to discard and in which file format will also inform your decision on where to store your data and to estimate the costs of preserving it, in the long and short term. Storage and preservation costs should be included in your funding proposal. Planning ahead means that the unique data you have collected will be easily found, accessed and re-used by you and other researchers (if appropriate).

In this guide you will find information about storage, security, long-term preservation, retention and disposal of data as well as information on sensitive and personal data.

UCL Data storage platforms

Below is a description of the options available to store your research data during your research project (i.e. what is sometimes called "live data"). We recommend to use UCL infrastructure whenever possible. A table comparing data storage options is availble to help.

Use UCL infrastructure

UCL Research Data Storage Service (RDSS)

If you are about to start or are currently working on a research project, whether it externally funded or something you are working on in your own time, it is recommended that you use the Research Data Storage Service.

The RDSS provides an access-controlled, centrally-managed, resilient data storage facility that can cope with very large data volumes and files. Data is backed up to tape every night. It ensures compliance with both UCL’s Research Data Management Policy and funders’ policies. Up to 5TB of storage is available free of charge to any project registered by a member of UCL staff, with additional capacity available at cost. The RDSS user interface enables PIs and administrators to change project membership, edit project details, see their remaining allocations, and request more space if needed.

Further information is available and you can email the Research Data Services Team with any questions.

UCL Data Safe Haven

If you handle anything subect to data protection legisation, or is from the NHS, as part of your research project you can use the Data Safe Haven. This service is managed by the Information Governance team who can be contacted using infogov@ucl.ac.uk.

Cloud services (not recommended)

Many companies offer (relatively) low-cost networked online storage, known as 'cloud' services. Although they are convenient and easy to use, you should be cautious when considering using these services, for the following reasons:

  • Terms of use may mean that the provider has a right to access or even use your data. If your data is confidential, it would need to be protected by encryption, and some providers do not allow encrypted data.
  • Providers do not accept responsibility for corruption, loss or damage to customers' data, and there is no guarantee of continuity of service. Providers also have different backup policies, varying from daily to monthly, and may or may not retain previous versions for a period, meaning that previous versions of documents may be overwritten by automatic synching. Files should therefore be backed up. This means using cloud services as a backup, or as additional file space, makes no sense.
  • Accounts can be closed down without notification if providers believe they have been misused. Where some research data is concerned, this is perfectly possible, and in some cases likely, for example, data including images of children, or featuring nudity.

At all times you should follow the guidelines contained in the UCL Information Security Policy.

Portable devices

The Information Security team has published guidance on the storage of sensitive data on portable devices and media. If you think it is necessary to do this, all data must be strongly encrypted.

Hard copy records

You should keep paper records close at hand within your immediate office space while you are using them frequently and those you use occasionally off-site. Off-site storage is managed by the Records Office (third party storage services are not permitted) and you do not need to wait until your study is finished before sending infrequently-accessed records off site. Local filing rooms or 'archives' must not be used.

NHS data

If you are accessing NHS patient data, you should contact the Information Governance Advisory service to discuss your storage and research ethics requirements.

Information Security

As mentioned in previous sections, keeping your research data secure is very important. There is a number of methods that you can use, from the most common such as changing your passwords regularly and creating strong passwords for your devices, to more sophisticated ones such as using specialist software for encryption of flash-drives or laptops. 

Passwords on individual documents, and saving data to hard drives (i.e. stand alone computers or laptops), are not recommended.

Information security is not limited to protecting existing files, it also includes data erasure. Deleting files is not enough as tools are available to retrieve deleted data. You need to make sure that the data you want to discard, especially in cases of "special category personal data", is completely wiped from hard-drives or portable drives. See ISD Information Security's advice on erasing data securely.