View Current

Research Data Management Policy

This is the current version of this document. You can provide feedback on this document to the document author - refer to the Status and Details on the document's navigation bar.

Section 1 -  Purpose of Policy

(1) This Policy:

  1. aligns with UOW’s Strategic Goals and forms part of the UOW governance framework for research data management;
  2. supports UOW’s commitment to the Australian Code for the Responsible Conduct of Research (2018), hereto referred to as ‘The Code’;
  3. supports data management requirements of funding bodies including the Australian Research Council’s (ARC) requirement for the management of data within grant applications, and the National Health and Medical Research Council’s (NHMRC) Principles for accessing and using publicly funded data for health research;
  4. explains the University’s expectations in relation to the collection and management of research data and primary materials, including the responsibilities of staff, affiliates, students, faculties, schools and research units;
  5. demonstrates the University’s commitment to supporting the reproducibility of research, sharing information, re-use and promoting ethical conduct in research, in accordance with the FAIR Data Principles (Findable, Accessible, Interoperable, Reusable) Data Principles and the CARE Principles for Indigenous Data Governance(Collective Benefit, Authority to Control, Responsibility, Ethics); and
  6. guides researchers and research students to fulfil their responsibility to “retain clear, accurate, secure and complete records of all research including research data. Where possible and appropriate, allow access and reference to these by interested parties”, as required by The Code.

(2) The Research Data Management Guidelines should be read in conjuction with this Policy. They provide further advice on its practical implementation.

Top of Page

Section 2 - Application and Scope

(3) This Policy applies to all University researchers and research students engaged in the collection, creation, curation, management and use/reuse of research data at the Univeristy or in collaboration with other institutions.

(4) All research is subject to the provisions of any relevant contracts, licences, funding agreements and collaboration agreements.

(5) In cases where this policy conflicts with the legal requirements specified in research contracts (commercial or otherwise) including any data licences, the contract terms will take precedence over this policy, as long as they are compliant with The Code and any other relevant legislation. It is the responsibility of the lead researcher to ensure that the terms of the contract are met.

(6) This Policy forms part of the Code of Practice - Responsible Conduct of Research. Non-compliance with the requirements of this Policy may result in researchers or the University being held legally responsible for breaches of legislation.

(7) Breaches will be handled in accordance with the relevant University policies and procedures, such as the Managing and Investigating Potential Breaches of the Research Code Policy, the Managing and Investigating Potential Breaches of the Research Code Procedure and/or applicable IT Policies.

(8) Researchers and research students should ensure their data is managed in accordance with the FAIR Data Principles to maximise its visibility and potential for sharing and reuse.

(9) Aboriginal and Torres Strait Islander research must be managed and shared in accordance with the CARE Principles for Indigenous Data Governance. These principles are people and purpose-oriented, reflecting the crucial role of research data in advancing Indigenous innovation and self-determination.

Top of Page

Section 3 - Ownership of Research Data

(10) Research data and its associated intellectual property will be owned and used in accordance with the IP Intellectual Property Policy, unless otherwise specified in funding agreements or agreed in writing by all parties involved in the project, prior to its commencement.

(11) Indigenous cultural and intellectual property rights must be respected when determining the appropriate ownership and use of research data resulting from projects involving Aboriginal or Torres Strait Islander peoples (in line with the Australian Institute of Aboriginal and Torres Strait Islander Studies Code of Ethics for Aboriginal and Torres Strait Islander Research).

(12) In accordance with Indigenous data sovereignty Principles, Aboriginal and Torres Strait Islander peoples have the right to exercise ownership over Indigenous data. Ownership of data can be expressed through the creation, collection, access, analysis, interpretation, management, dissemination and reuse of Indigenous data.

(13) The University’s assertion of research data ownership and rights of use is not intended to impede the use of such data by researchers and research students for research and education purposes. Instead, it allows the University to manage the data in accordance with its legal, contractual and moral obligations and for long-term preservation, sharing, knowledge exchange and translation, where appropriate.

(14) Where research is undertaken in collaboration with another external organisation(s), a written agreement that specifies the purpose and arrangements for the ownership, use, management, sharing, storage, accessibility, publication, retention, and disposal of the research data and primary materials, must be in place before the commencement of the project.

(15) Researchers must ensure that the University has a record of the ownership and responsibility for any research data and records they have transferred into the University’s control (e.g., for storage on University facilities).

(16) Where no ownership or responsibility has been recorded, or the recorded responsible party is no longer a UOW researcher, the relevant Dean or delegate will hold authority to decide on storage, retention, disposal, publication or licensing arrangements in compliance with legal and regulatory obligations.

Top of Page

Section 4 - Research Data Management Planning

(17) A Research Data Management (RDM) Plan, created in the University’s Research Data Management Platform ReDBox, must accompany every new research project at the University.

(18) RDM Plans are required to facilitate storage provisions and may also be requested by external funding agencies. Project metadata and information relating to data access, ownership, sensitivity, storage, ethics requirements, sharing, retention and disposal are all documented in the RDM plan.

(19) RDM Plans must be updated when the data management needs of the project change significantly from those documented in the existing plan. Revised plans must be shared with relevant members of the research project team promptly.

(20) Researchers and research students should consider the future uses of their data and ensure that it is collected in accordance with relevant requirements specified in The Code. Assigning a suitable licence will define how others are allowed to use the data.

(21) Further information about research data management planning and ReDBox is available in the Research Data Management Guidelines.

Top of Page

Section 5 - Research Data Storage

(22) The University must provide facilities for the safe and secure storage of research data and primary materials, appropriate training and support services, and maintain metadata records.

(23) As per the Code of Practice - Responsible Conduct of Research, data must be stored in a durable and appropriately referenced and retrievable form, in a safe and secure storage area, with clear and accurate records of research methods and data sources, in accordance with required retention periods.

(24) Before using external commercial cloud storage applications, researchers and research students should refer to the Research Data Management Guidelines for information on recommended service providers.

(25) When using removable and temporary storage media, researchers and research students must:

  1. familiarise themselves with the data management limitations, issues and risks associated with storing research data on such devices;
  2. assume responsibility for the access control, security, back-up, and disposal processes that are required for effective research data management; and
  3. ensure that all significant research data and primary materials are moved to the central storage facilities provided by the University as soon as possible, and that location metadata is updated to reflect this change.
Top of Page

Section 6 - Classification, Security and Ethical Requirements of Research Data

(26) Researchers and research students must review the University research data security classifications specified in the Research Data Management Guidelines and select a suitable security classification for the data they are generating or collecting as part of their research, based on its level of sensitivity.

(27) Security classifications help to determine suitable approaches for the storage, sharing, publishing, ethics requirements, retention and disposal of research data and are particularly important for sensitive data.

(28) Aboriginal and Torres Strait Islander research should be classified as either restricted or protected, depending on the severity of the impact arising from a potential breach, in accordance with the Data Governance Procedure.

(29) Research data must be stored in an electronic format that is protected by appropriate security measures, electronic safeguards and/or physical access controls that restrict access only to authorised user(s) to maintain its safety, quality and integrity.

(30) If a Researcher or research Student leaves the University and takes data or copies of data with them, they must ensure that an equivalent or higher level of security is in place in the new storage location.

(31) Prior to travelling overseas, researchers should review the Defence Trade Controls Guidelines and the Travelling Overseas with Devices Procedure and ensure they comply with requirements.

(32) Researchers and research students are responsible for the appropriate preparation of data in situations where commercial sensitivity, confidentiality and/or privacy issues require data to be encrypted or de-identified.

(33) Data management for research involving human participants, their tissue or their data must comply with the National Statement on Ethical Conduct in Human Research. Where data is identifiable or reasonably re-identifiable, the conditions of the consent provided by participants in relation to data retention, confidentiality, access and re-use must be complied with, in addition to the relevant legal and regulatory requirements.

Top of Page

Section 7 - Documentation and Metadata

(34) Metadata must accompany the research data for as long as it is retained and must be updated as necessary.

(35) Detailed descriptive metadata and other contextual information must be associated with qualitative and quantitative data collections to enable the interpretation and re-use of that data.

(36) Where physical specimens have been generated using physical, chemical, biological, engineering or other such processes, a relevant metadata record of these processes must be included with the related data.

(37) Any process, software program, script or code used to generate, annotate or analyse the research data must be documented and recorded in the metadata.

(38) Where research data is not stored at the University, researchers must ensure that the metadata is stored at the University, including details about its location.

Top of Page

Section 8 - Access, Reuse, Sharing and Licensing of Research Data

(39) Research data and primary materials must be easily identified and quickly retrievable by authorised users for verification of research results and potential reuse where appropriate, unless subject to confidentiality or security provisions.

(40) Researchers are encouraged to make their research data sets available under open licence for use by others, unless this is prevented for reasons of research integrity, by legislation, University policy, ethical, confidentiality or contractual requirements or Indigenous cultural and intellectual and property rights.

(41) For research involving Aboriginal or Torres Strait Islander peoples, researchers must provide access to Indigenous data owners to uphold Indigenous cultural and intellectual property rights, in line with the AIATSIS Code of Ethics for Aboriginal and Torres Strait Islander Research.

(42) Aboriginal and Torres Strait Islander peoples have the right to exercise autonomy and governance over Indigenous data. This includes the right to autonomously decide how and why Indigenous data are collected, accessed and used, to ensure that data on or about Indigenous peoples reflects Indigenous priorities, values, cultures, world views and diversity.

(43) Where research data or records have been requested and access refused, the reasons must be transparent and justifiable. If research data sets cannot be made openly available, research metadata should be made available.

(44) Where appropriate, research data and primary materials must be collected or generated, stored, and licensed in accordance with the FAIR data principles, with access allowed to interested parties. The license (such as one that is endorsed by the Creative Commons) must define how the data output may be lawfully used and specify the conditions for future reuse.

Top of Page

Section 9 - Retention, Archiving and Disposal of Research Data

(45) Research data and primary materials must be retained in an accessible form for as long as they have continuing value, in accordance with periods specified by legislation, funding bodies, ethics approval processes, relevant policies (such as the Records Management Policy), patent law, regulatory requirements and discipline convention. Sufficient data must be retained to verify the outcomes of research.

(46) When a Researcher or research student leaves the University, any agreements concerning the management of their research data (i.e., ownership, retention, access etc.) must be reviewed.  

(47) Researchers and research students leaving the University must ensure that a copy of their research data and primary materials have been deposited into University facilities to support research integrity and retention obligations, as consistent with ethical, contractual or legislative requirements, and FAIR Data Principles.

(48) Where research data needs to be permanently archived, it must be saved in a format that is widely used and accepted as best practice within the research discipline, to ensure it is accessible in the future.

(49) Researchers must retain, archive or dispose of Aboriginal and Torres Strait Islander research data, in accordance with the AIATSIS Code of Ethics for Aboriginal and Torres Strait Islander Research and other relevant legislation.

(50) Where permanent disposal of research data is necessary, it must be planned, deliberate and irreversible, using secure disposal mechanisms so that the data cannot be retrieved.

(51) Further information is available in the Research Data Management Guidelines.

Top of Page

Section 10 - Roles and Responsibilities

(52) Researchers, research students and professional services staff employed by the University will work in partnership to satisfy the requirements of the Australian Code for the Responsible Conduct of Research, 2018 and the Code of Practice - Responsible Conduct of Research.

(53) Researchers and research students are responsible for:

  1. understanding and acting in accordance with this Policy;
  2. familiarising themselves with relevant data and primary material management requirements and contractual obligations (if any) prior to undertaking research;
  3. creating a research data management plan and ensuring it is and adhered to and kept up to date;
  4. identifying and using the most suitable storage solution for their research data, records and primary materials and seeking advice where necessary;
  5. understanding the risks and limitations of third-party storage solutions and taking the necessary action to protect data stored on these services;
  6. determining appropriate sharing and publication arrangements and understanding the potential use and reuse of their data and being amenable to the application of licences to support this;
  7. adherence to the FAIR Data Principles and CARE principles as required;
  8. reporting circumstances where a suspected or known security breach might have resulted in the unauthorised access, unintended disclosure, loss, theft, destruction or alteration of data, in accordance with the IT Acceptable Use Policy and/or the Travelling Overseas with Devices Procedure;
  9. planning for the handover of research data collections, associated primary materials and research records at the conclusion of research projects or when a researcher or research student leaves the University, including information about access to and potential re-use of data collections; and
  10. ensuring that written agreements specifying data management arrangements are in place for their projects that span multiple institutions, in partnership with the Research Services Office.

(54) Research student supervisors are responsible for:

  1. assisting Research Students under their supervision to:
    1. understand the relevant policies, contracts, regulations and licensing considerations that relate to research data management within their respective disciplines;
  2. ensuring a research data management plan is created before the research commences; and: 
    1. accessing appropriate data and primary material storage infrastructure and advisory services.
    2. taking joint responsibility with their research students for the management of the research students’ data and primary materials;
    3. discussing data collection with research students and arranging for appropriate access to the data if the research students wishes to leave it with the University; and
    4. encouraging research students to attend research data management training.

(55) The Deputy Vice-Chancellor (Research and Sustainable Futures), Associate Deans (Research), Heads of School and Research Leaders are responsible for:

  1. ensuring that staff understand how to manage their research data responsibly;
  2. modelling responsible research data management behaviours to researchers and research students;
  3. reporting incidents involving IT security breaches or the unintended disclosure, loss, or destruction of research data;
  4. approving the storage, retention, disposal, publication or licensing arrangements for research data and primary materials without a recorded and current responsible UOW researcher; and
  5. participating in research data governance processes.

(56) The Dean of Graduate Research, Associate Deans (HDR), and Heads of Postgraduate Studies are responsible for:

  1. ensuring that research students receive appropriate research data management training;
  2. modelling responsible research data management behaviours to research students;
  3. reporting incidents involving IT security breaches or the unintended disclosure, loss, or destruction of research data; and
  4. participating in research data governance processes.

(57) Information Management and Technology Services is responsible for:

  1. providing enterprise-level storage services and solutions, such as localised hardware/software solutions, networked storage, collaboration tools and file sharing utilities;
  2. providing technical support for enterprise storage services and solutions;
  3. ensuring centrally provided storage services and solutions are appropriately backed-up and maintained;
  4. ensuring the security of the systems and the data stored within;
  5. reporting any security breaches, and system failures that may affect data integrity, to the researchers and the University;
  6. educating relevant UOW staff about the differences, capabilities and functions of enterprise storage resources; and
  7. participating in research data governance processes.

(58) Library Services is responsible for:

  1. providing subject-matter expertise on data management concepts, such as linked identifiers, metadata management, data licensing, data sharing and data citation;
  2. advising and guiding researchers through established outreach and liaison services; and
  3. participating in research data governance processes.

(59) The Research Services Office is responsible for:

  1. providing a central coordination point for research data management activities;
  2. advocacy and developing organisational awareness of research data management issues;
  3. providing advice, guidance and assistance to Researchers in the preparation of research data management plans;
  4. coordinating the preparation and execution of written agreements that specify the arrangements for data management, for projects that span multiple institutions, in partnership with the Office of General Counsel;
  5. organising research data management training events and workshops in partnership with the Research Integrity Development and Ethics unit, and the Graduate Research School; and
  6. facilitating and supporting research data governance processes.

(60) The Research Integrity Development and Ethics unit is responsible for:

  1. providing advice and assistance to researchers to ensure their research data management practices comply with relevant legislation;
  2. coordinating investigations into potential breaches of this policy and supporting processes, in accordance with the Managing and Investigating Potential Breaches of the Research Code Policy;
  3. organising research data management training events and workshops in partnership with the Research Services Office; and
  4. facilitating and supporting research data governance and ethics processes.

(61) The University is responsible for:

  1. providing appropriate infrastructure for the safe and secure storage and management of research data, primary materials and records and, where possible and appropriate, allow access and reference;
  2. providing relevant training in best practice research data management, including training in the effective use of research data infrastructure;
  3. ensuring research student supervisors have the necessary skills, qualifications and resources to support their research students to comply with this policy; and
  4. supporting researchers and research students throughout the entire research data management lifecycle.
Top of Page

Section 11 - Definitions

Word/Term
Definition (with examples if required)
Data license
Defines the permissions, term and conditions for the reuse of data.
Intellectual Property (IP)
Any original product of the creator’s mind, commonly developed through research or creative efforts. IP created during the acquisition of research data and primary materials will be subject to the Intellectual Property Policy.
Metadata
Information about the context, content, quality, provenance, and/or accessibility that describes a research data set, for example collection title, chief investigator, description, collection period, access conditions and storage location.
Open Access
The immediate, online, free availability of research outputs without restrictions on use commonly imposed by publisher copyright agreements.
Primary materials
Physical objects acquired through a process of scholarly investigation from which research data may be derived.  Examples include geological or biological material, questionnaires or recordings.
Research data
The data, records, files or other evidence, irrespective of their content or form (e.g. in print, digital, physical or other forms), that comprise research observations, findings or outcomes, including primary materials and analysed data. Research data referred to in this policy relates to data generated in research projects and is to be distinguished from the information about research performance and statistical research data which is used by UOW for planning and budgeting purposes.
Research data management
All the processes and actions required to manage data throughout the research life-cycle to enable it to be preserved and accessible by a controlled audience for current and future research.
Research data management plan
A document that outlines how the research data for a specific project will be collected, organised, stored, backed-up, preserved shared, archived and disposed.
Research data security
The protection of data from loss, unauthorised access and unauthorised modification. Security must be maintained while data is both at rest and in transit.
Research data governance
The practice of setting policies, rules and processes that guide the use, development and protection of research data, and ensuring compliance with these regulations.
Researchers
A staff member, research student and/or visitor who undertakes or has undertaken research at the University.