Anonymisation of research data

For questions, contact your privacy officer (PO). On My EUR you can find contact details for your faculty PO.

Introduction

Researchers should consider appropriate measures to protect the privacy of research respondents. This is also a requirement put forward by institutional ethical committees, as well as within the European privacy legislation (the General Data Protection Regulation, GDPR). One way to do so is by anonymising or pseudonymising research data that includes personal data. Below you will find more information on what these processes imply, techniques and tools that can be used for quantitative and qualitative data, as well as the definitions of relevant terms.  

Which technique of anonymisation and pseudonymisation you could apply depends on the type of research you are doing and the phase of research you are in (i.e., recruiting, collecting, and analysing or publishing and sharing). See the table below for things to consider depending on type of research and research phase.

In any case, make a plan, laying down which techniques of anonymisation and pseudonymisation you will apply when. It is good to do so early on: planning will help you to set up your study in a privacy by design fashion and will reduce time and costs in the long run.   

Type of research

There are different techniques of anonymisation and pseudonymisation for quantitative and for qualitative research.

Research phase: Recruiting, Collecting, and Analysing

Collect and analyse only the personal data necessary and relevant for your study purposes. Apply the appropriate anonymisation or pseudonymisation techniques as soon as possible and to the extent that you can still reach the goals of the research.

Research phase: Publishing & re-use

Published research data should always be anonymous unless you have consent to publish or re-use personal data.

Research phase: Archiving

After the completion of the project, store the raw and processed research data and accompanying documentation for scientific integrity purposes (min. 10 years). You might be required to remove personal data or company data depending on the situation (e.g., data that was not used to conduct the research or data that is not required to prove the integrity of the research).

Vergelijk @count opleiding

  • @title

    • Tijdsduur: @duration
Vergelijk opleidingen