Limit as much as possible the processing of personal data, for example by:
- Collecting as little data as possible to reach your research purpose.
- Collecting only personal data from the amount of individuals necessary.
- Preferably not using tools that automatically collect unnecessary personal data. If possible, prevent tools you do use from doing so (Privacy by Default). For example, the survey tool Qualtrics can automatically register location data, which can be turned off by using the “Anonymize Responses” option.
- Removing personal data when you no longer need them. Remove them from repositories, data collection tools, sent emails, back-ups, etc. (see also the Storage chapter). Use directly identifying information only if you legitimately need them, for example to keep in touch with data subjects or to answer your research question.
- Pseudonymising or anonymising personal data as early as possible.
- Use portable storage media only temporarily.
Separate the processing of different types of personal data as much as possible, for example by:
- Storing directly identifying personal data (e.g., contact information) separately from the research data. Use identification keys to link both datasets, and store these keys also separately from the research data.
- Separating access to different types of personal data. For example, separate who has access to contact information vs. to the research data.
- Applying secure computing techniques, where the data remain at a central location and do not have to be moved for the analysis.
Limit as much and as early on as possible the detail in which personal data are processed, for example by:
- Pseudonymising or anonymising the data.
- Adding noise to the data, e.g., voice alteration in audio data.
- Summarising the data to simply describe general trends instead of individual data points.
- Synthesising the data, e.g., for sharing trends in the data without revealing individual data points.
Protect personal data, or make them unlinkable or unobservable. Make sure they do not become public or known. You can for example do so using a combination of:
- Using encryption, hashing or strong passwords to protect data. Consider using a password manager to avoid losing access to the data.
- Using secure internet connections and encrypted transport protocols (such as TLS, SFTP, HTTPS, etc.). Do not connect to public WiFi on devices containing personal data.
- Applying privacy models like Differential privacy, where noise is added to individual data points to hide their true identity.
- Only providing access to people who really need it, and only for the necessary amount of time and with the necessary authorisations (e.g., read vs. write access; only the relevant selection of personal data, etc.). Remove authorisations when access is no longer required.
- Encrypting and regularly backing up data on portable storage media.
- Keeping a clear desk policy: lock your screen and store paper behind lock and key when you leave your desk.