Data and consent
As part of the informed consent process, you have to explain to participants what will happen to the data they provide. This includes:
- How their data will be stored. All data should be stored safely and securely - e.g. identifiable data should be in encrypted data files, hard copies of data (paper, video recordings and so on) should be kept in locked filing cabinets. You need to keep identifiable data (such as names and addresses) separate from other data that you collect (such as interview transcripts or recordings). Participants need to know that you will do this.
- If they will have access to their data. Participants are entitled to ask for a copy of their data - e.g. a recording or interview transcript - and it is good practice to offer this to them, and to provide it should they wish. Remember, you need to think through what the consequences of this might be. See our dilemma on data sharing for an example of the tensions that can arise.
- How long their data will be kept for. The recently published Research Councils UK (RCUK) Code of Conduct states that data should normally be kept for up to ten years (up to 20 years for projects of major significance). While this may not apply if your research is not funded by a Research Council, your institution policies may have changed as a result of this document, and so you should check your institutional requirements (e.g. with the central research office in your organisation).
If you are using data collected by other researchers, or for different purposes than for your study, you need to make sure that consent covered your proposed use of the data. For example, did they agree for data to be archived, or to be used for future research? That consent may not have been specific, but it does need to cover broadly your planned use of the data. See our discussion of secondary analysis for more detail.