General Data Protection Regulation (GDPR) and Data Protection
Policies and other resources to help you conduct your research in line with GDPR and data protection guidelines.
University Data Protection policy and handbook
Data Management Plan (DMP)
Information Services (IS) Research Data Service
UK Research and Innovation (UKRI), GDPR and Research – An Overview for Researchers (undated)
Links to external websites may not be accessible and we are not responsible for their content.
For an overview of third party software application and services, see: https://www.ed.ac.uk/data-protection/data-protection-guidance/specialised-guidance/software-application-services
If it is necessary for you to use a third party software application to conduct research or collect any form of sensitive data (including student data) which is not supported by the University, then you should follow these steps:
1) Seek advice from Information Security (IS) about your unsupported software (https://www.ed.ac.uk/information-services/help-consultancy/contact-helpline)
2) Complete a Data Protection Impact Assessment (DPIA) (https://www.ed.ac.uk/data-protection/data-protection-impact-assessments)
3) Write and implement a Data Management Plan (DMP) (https://www.ed.ac.uk/information-services/research-support/research-data-service/before)
4) Carefully document all your decisions, and keep this record secure so that you can justify your choices at a later date should you need to
University policy dictates that transcription work should only be carried out by University-approved service-providers. For information or queries on University-approved service-providers, please refer to the Procurement Office website.
If you are planning to use an interpreting- or translation-service provider which is not University-approved, then please contact Rena Gertz, Data Protection Officer, for advice.