View all Close all
At St George’s we often handle data that may be considered sensitive, including clinical or survey data collected from human participants, human genomic data, human tissue and organ samples, sensitive personal data and commercially sensitive data.
The university has a number of policies, procedures and systems available to help you to handle your sensitive data responsibly. Visit our information governance pages to learn more about the policies and procedures governing sensitive data.
St George’s currently holds a number of licences to collect, store and archive human tissues and organs under the Human Tissue Act (HTA, 2004). All researchers handling human tissue/organs should familiarise themselves with our HTA documentation and be trained on the requirements of HTA compliance. Please visit our HTA pages for more information and to access our HTA documentation.
All research at St George’s must undergo appropriate ethical and regulatory approval before projects can begin. Visit the research governance and delivery pages for more information.
If your research is commercially sensitive, or potentially commercially sensitive, contact the Enterprise Team
in the JRES as soon as possible, as commercially sensitive research needs to be handled under strict confidentiality.
St George’s is compliant with the NHS Data Security and Protection Toolkit. Compliance demonstrates that St George’s is practicing good data security and that personal information is handled responsibly. Some data from NHS Digital
may only be shared with us for research if we can demonstrate compliance with the toolkit. Visit our information governance pages
to learn more.
It may not be appropriate for sensitive data, including commercially senstitive data, to be openly available.
However, de-identified sensitive data can be shared with bona fide researchers under strict access conditions for validation and/or re-use. Access to sensitive research data at St George’s is facilitated by our controlled data access SOP (PDF). This is a transparent, independent process governing access to more sensitive research data at St George’s. It is expected that all data will be appropriately de-identified prior to sharing.
The Research Data Management Service is the official contact for requesting access to controlled access research data at St George’s.
The University of Bristol has produced a very good guide on sharing sensitive research data
, including data from clinical trials.
Most repositories, including the St George’s research data repository, accept controlled-access data.
When sharing controlled-access data on a repository, users often deposit both the data and the metadata into the repository. The metadata will remain openly available, while the data itself remains confidential. Always ensure that you select the right access conditions for data that is deposited to a repository. Alternatively, with many repositories you can also choose to deposit the metadata only into the repository. In both these cases the metadata must contain instructions about how to access the data.
Most repositories will provide a digital object identifier (DOI) for the metadata that you’ve shared. You can include this DOI in your publications so others know where to go to learn more about your data and to request access.
When selecting a repository it is important to understand who will be granting access to the data. Will access be managed by the repository or the data creator/owners? Select a repository that you trust. Also, always check the repository’s requirements before you start preparing your data for sharing. You may need to organise or document your data according to specified standards before it can be accepted.
If you’d like help with selecting an appropriate repository for your data, contact the Research Data Management Service.