How do researchers at Utrecht University deal with privacy-sensitive data?

Results of the Data Privacy Survey are now published

How do researchers at Utrecht University deal with (sources of) privacy-sensitive data in research? And how can research support best assist them in doing so? In March of this year, Research Data Management Support reached out to all researchers asking exactly these questions via an online survey and one-on-one meetings. The results show that many researchers see privacy as a large hurdle in their research, both in terms of administrative work and finding the correct information and support. 

About 180 researchers from all faculties filled out the survey, and we met 28 of them in an online one-on-one meeting to hear more about their privacy-related issues and needs. The results show that researchers at every faculty have to deal with personal data in research, although in some faculties more than in others (e.g., most in the faculties of Science and Social and Behavioural Sciences). Basic privacy protection measures such as pseudonymisation, access control and UU-approved tools were familiar to most researchers, although the knowledge level differed quite a bit. For example, not all researchers used approved storage media to store personal data or included all the necessary elements in an information letter to research participants. 

Common privacy challenges and needs in research at Utrecht University 

Researchers expressed several challenges and privacy-related needs, some of which were generic, and others very specific. Below we list the challenges most commonly mentioned by researchers: 

  • Privacy is often considered to cause a high administrative burden on researchers (e.g., long review periods, too many forms to fill). In past cases, this has sometimes been caused by the researcher considering the privacy aspect too late in the process, and having to go back to the drawing board. 
  • There is some unclarity in what the privacy-related process looks like, who has which responsibility, and where to go for help (e.g., privacy officers, Ethical Review Boards, Research Support Office, faculty/department data managers, Research Data Management Support, etc.). 
  • Available information and/or support relating to privacy has been experienced as too abstract, too generic, not applicable to research, or not easy to find. 
  • There is unclarity on specific issues, such as when data can be considered anonymous and under which circumstances data can be shared for reuse purposes. 

Moving forward 

So what will we do with all this input? Several things actually, such as: 

  • We are currently creating the Data Privacy Handbook, which contains all privacy-related information for research at Utrecht University in one place. The handbook is open source, so if you have any feedback at all, please let us know
  • All data-related support personnel (i.e., privacy officers, data managers, ethical review boards, etc.) are constantly trying to improve data-related processes, and this includes privacy. For privacy specifically, multiple faculties are looking to integrate several administrative systems into one and are increasing collaborations within and between faculties. 
  • At RDM Support, we are working on creating an e-learning on privacy basics for researchers. This will be a self-paced complement to our current in-person workshop Handling Personal Data

Do you have questions on privacy in research? Please reach out to your faculty privacy officer or RDM Support