During the research project, you need to consider issues concerning secure data storage, backup, and transferal. Opening, publishing, and preserving data after your research project is described in Data sharing and preservation.
Data security is one way of implementing data protection. Among other things, data security refers to organisational and technical measures to ensure the confidentiality and integrity of data, usability of systems and the rights of data subjects.
It is essential to consider data security issues, especially if your data are sensitive and confidential.
The following questions need to be considered during this stage:
To store and backup data safely:
To transfer and obtain data from data provider or to share data with a research team member or supervisor:
If you work with sensitive personal data or confidential data (e,g., politically sensitive information or trade secrets):
Hanken's Instructions on sharing files and collaborating with others to ensure data security:
Our “Instructions for handling and storing data and documents on different information security levels” on the page of Information Management at Hanken state that you can’t store documents with a security level in other cloud services than your own OneDrive. This means that you must use OneDrive storage space in your Hanken-provided account when sharing files and collaborating with others. You should demand that other participants in your project collaborate in your OneDrive instead of other cloud providers.
Consider the following questions about access control of your data:
Will your data of some part of the data be destroyed? Personal data that are no longer needed to conduct the research should be disposed as soon as possible. Storage limitation reduces risks related to personal data processing. It is important to permanently destroy any data that includes personal, sensitive or confidential data after their storage is no longer necessary.
See Data disposal by the Finnish Social Science Data Archive (FSD).
BSc/MSc/eMBA students ought to delete the data no later than 12 months after the thesis is submitted unless you plan to store, reuse or share your data for academic purposes other than completing your thesis/assignment (e.g., for a scientific publication).