MANAGE AND SHARE DATA


SECURITY AND CONTROLLED ACCESS TO DATA

Data security is the protection of any data from unauthorised access, use, change, disclosure and destruction.

There are many strategies available for eliminating, or at the very least reducing, the risks of breaching data security. Some elements of data security, where the safeguarding of personal data is involved, are based on national legislation (see data protection and sharing research data) and cannot be ignored. It is one thing to leave research data open for others to delete; it is another to allow others to take control of those data and publish them. The former case may cause great inconvenience, but the latter case could be construed as the wilful misuse of data, and if related to personal data under the Data Protection Act, could now lead to a financial penalty. See the Criminal Justice and Immigration Act 2008.

Personal data should only be accessible to authorised persons; thus, security measures, including restricted access to rooms, may need to be implemented. Personal data are not always only in digital form. Examples include the storage of consent forms and interview cover sheets from an interviewing project, or completed paper copies of a questionnaire/survey, which typically contain names, addresses and signatures. These should be protected in the same way as digital files.

In general, data which contain personal information should be treated with higher levels of security than data which do not. In practice, it may be difficult to operate two data storage procedures in tandem, and often the highest level of security should be invoked for all data.

Data security covers a wide range of considerations such as:

  • physical security related to access to buildings
  • IT-specific security measures relating to viruses and malicious code
  • controlling access to restricted materials with encryption and/or password protection
  • providing confidentiality agreements for data users

Preventing unauthorised access to data

The higher the level of data security required, the greater is the need to control access. Generally speaking, access to digital data assumes the ability to read (and potentially alter or delete) the contents of a computer file. The levels of security necessary for any data file should be conditioned by the actual content of the data file.

If a data file meets the following criteria:
  • contains no personal or confidential data
  • is not considered to be commercially valuable
  • has many up-to-date and identical back-up copies
then it may not be critical if the data are made available to unauthorised persons (or computers). No one will be damaged by the disclosure of this information, and the researcher will not be greatly inconvenienced by the temporary loss of data. However, even in a simple scenario like this, what could become highly inconvenient is if someone maliciously altered data to affect the outcome of some data analysis. Admittedly the risk is very low, but working in an environment where hot-desking is commonplace increases this risk. Unauthorised access to data can be prevented by:
  • restricting access to rooms/buildings where digital data are held
  • preventing access to computers
  • preventing access to data files (password protection, encryption, ...)

Lowering security risk

In general there are two ways of reducing the risk of security breach:
  • remove or lessen the internal risk which is within the data, either through data anonymisation or redaction of information
  • strengthen IT-based systems to such an extent that access becomes so highly controlled that breaches become near impossible

Finding the balance between these two options is highly dependent on the type of data which you are working with.

Reducing the risk of disclosure

The risk of disclosure of confidential data can be reduced by anonymising data (see anonymising research data) or by producing summary data through aggregation over area (e.g. ward, parish or census district) or over time.

Special care needs to be taken where linkage of data with other materials or other data may lead to breaches of confidentiality and anonymity (see anonymising relational data). The most sensitive examples lie in the context of clinical patient records, biological samples, and genetic data, all of which could potentially be linked to other data.

Also the separation of disclosable from non-disclosable information by obscuring, removing or hiding individual fields, records, columns, or tables prior to the release of data can significantly reduce the risk of disclosure.

Further details can be found in the consent, confidentiality and ethics in data sharing section.

Tightening information security

Access to data can be restricted by:

  • controlling access to rooms holding data
  • controlling access to computer systems and files

Physical storage security

Restricted access to rooms holding data, digital or non-digital, should be considered. Computer systems holding data require adequate security. Transporting personal data should only be carried out under certain exceptional circumstances.

For example, the UKDA is protected by a card entry system and all machine rooms have restricted access. Staff are not allowed to carry any data outside of secured premises, unless they are in an encrypted form (see encrypting data for transmission). This applies not only to laptops, but also to portable media such as data sticks and external hard drives. Computer media and hardcopy material are always logged when removed from store rooms to avoid materials going missing. The UKDA also has specified physical security systems for the storage of electronic and any physical materials.

In the case of a serious hardware failure, you may need to consider the impact of letting a hard drive out of your control. Giving a failed hard drive containing sensitive data to a computer manufacturer may cause a breach of licence.

At the end of the productive life of any computer, it will need to be disposed of. Deleting all the files and reformatting a hard drive will not prevent someone who is really interested from recovering all the materials which have previously been on that hard drive. Before disposing of any hardware or physical media which have once contained sensitive information it is best to take specialist advice. CD/DVD shredders exist which will prevent any future access to these media. Hard drives should be removed from their casings and disposed of securely.


Controlling access to computer systems and files

The following measures can be used to control access to computer systems and files:
  • all computer systems holding data should be lockable by a password system to prevent unauthorised access in the event of a security breach of the room
  • all computer systems holding data should be protected by a firewall system; servers should be protected by power surge protection systems through a line-interactive UPS system
  • relevant security-related upgrades and patches to operating systems and applications should be carried out regularly, particularly in the case of virus detection software
  • confidential data, such as that containing names or addresses, should not be stored on servers or computers connected to an external network, particularly servers that host internet services, either web or email
  • when backing up files, copies should be compared for completeness - the UKDA ensures the integrity of files using a combination of file size, date and MD5 checksum values
  • in the rare cases where data need to be destroyed at the end of a project, this should be done in a consistent manner, with paper being shredded and computer files permanently deleted from all systems
  • potentially personal or confidential data should never be sent via email or using FTP (there are a number of safe methods of sending encrypted data - see the encrypting data for transmission page for details of the UKDA's preferred method)
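The backup comparison described above (file size, date and MD5 checksum) can be carried out with a small manifest script. The following is an added illustration, not UKDA code; the directory layout, the manifest format and the function names are assumptions.

```python
"""Verify that a backup copy matches its source by comparing, for every file,
its size, modification date and MD5 checksum (the three attributes the
guidance describes). Added illustration; not UKDA code. The manifest format
and function names are assumptions."""
import hashlib
from pathlib import Path


def file_digest(path: Path, algorithm: str = "md5") -> str:
    """Hash a file in 1 MiB chunks so large data files need not fit in memory."""
    h = hashlib.new(algorithm)
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: str, algorithm: str = "md5") -> dict:
    """Map each file's path (relative to root) to (size, mtime, digest).

    MD5 is enough to detect accidental corruption or an incomplete copy. To
    make the record tamper-evident, pass algorithm="sha256" and keep the
    source manifest somewhere the backup process cannot overwrite it."""
    root_path = Path(root)
    manifest = {}
    for path in sorted(root_path.rglob("*")):
        if path.is_file():
            st = path.stat()
            manifest[path.relative_to(root_path).as_posix()] = (
                st.st_size, int(st.st_mtime), file_digest(path, algorithm))
    return manifest


def compare_manifests(source: dict, backup: dict) -> dict:
    """Report files missing from the backup, extra files in the backup, and
    files whose size, date or checksum differ. Empty lists mean the copy is
    complete and identical."""
    return {
        "missing": sorted(set(source) - set(backup)),
        "extra": sorted(set(backup) - set(source)),
        "changed": sorted(name for name in source.keys() & backup.keys()
                          if source[name] != backup[name]),
    }
```

A copy made with a tool that preserves timestamps (for example `cp -p` or Python's `shutil.copy2`) is expected to match on all three attributes; a file that differs only in its checksum indicates altered content rather than an incomplete copy.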
Managing and Sharing Data
a best practice guide for researchers