What is sensitive data?
Sensitive data can include:
- Personal data
- Health and medical data
- Confidential data, including commercial in confidence information and research
- Ecological data that may place vulnerable species at risk
- Data involving Indigenous people- La Trobe University’s Research Data Management Policy states you must “consult with research participants and communities regarding the methods of collecting, storing and accessing the data.”
Data that is not obviously sensitive (i.e., does not include names or dates of birth), or has been de-identified, may become sensitive again when context changes.
- Triangulation (combining several pieces of non-sensitive information e.g. Age, family composition, occupation).
- Data linkage- bringing two or more datasets together that cover same person or subject of research.
La Trobe's Research Data Management Policy states that:
- researchers are responsible for ensuring research data and primary materials are stored securely in a durable and accessible form
- access to research data should be controlled by appropriate security measures to prevent unauthorised access
- research data must be securely disposed of at the end of the specified period of retention.
La Trobe University has designated research data storage options to help you meet these data security requirements. See the Data storage guide for more information about these options.
This is an excellent guide to legislation, codes, statements and policies and IT security requirements for sensitive data.
Sensitive research data such as that involving human subjects may require encryption. See the Data encryption guide for more details.