Sharing Sensitive Data#
If you plan to share or publish your data you must ensure that your data are appropriate and safe to share. For example, you should consider whether the data can be adequately anonymised, and whether anonymised data will remain useful (see also Barriers to data sharing in the Open Research Chapter of the Guide for Reproducibility).
After applying methods to de-identify and anonymise sensitive data, there may still be a risk of re-identification (see [Mey18]).
An additional safety measure, or alternative to anonymisation, is applying access controls to ensure the data are shared appropriately and securely. This may involve finding a data repository that can provide suitable access controls (see here for a list of protected Access Repositories).
These repositories can provide access to the metadata of the project, which allows others to find and cite the data. Restricted or conditional access also provides potential re-users with the information they need to access the data, making the data FAIR.
For example, conditions to access the data could require the potential data re-user to:
Register and/or provide contact details to ensure reusers are genuine and aware of their responsibilities.
Provide information about how they use the data.
Agree to specific conditions such as data security, privacy, and restrictions included in consent forms.
An increasing number of journals now request, or even require, access to underlying research data as part of the article submission process.
For example:
The BMJ requires authors to make anonymised individual patient data available upon on request for all clinical trials.
Similarly PLOS journals require authors to make the data necessary to replicate the study’s findings publicly available at the time of publication.