Sensitive Data

Sensitive data is any information the disclosure or misuse of which could compromise the privacy, security or safety of an individual, group or organisation, cause discrimination or may be contrary to the public interest.
Type Description Examples
Personal data Direct identifiers directly and unambiguously identify a specific person without additional information and unambiguously point to one specific individual. Name, personal identification number, email address (if it contains a name), location (GPS, IP address).
Personal data can also be indirect identifiers, which are not sufficient on their own to identify a person, but in combination with other data or external information can point to a specific individual. Date of birth or age, gender, ethnicity, postcode, home address, unique socio-economic or lifestyle data.
The General Data Protection Regulation (GDPR ) defines special categories of personal data, the misuse of which may cause particular damage to the individual. These include a person’s racial or ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership, genetic, biometric or health data, criminal convictions and criminal offences.
Confidential data Data whose disclosure could pose risks to organisations or companies or to society as a whole. Financial statements and transaction data, passwords, trade secrets, intellectual property, investigative data, sensitive government data, security or dual-use information.
Biological data Data related to health, genetics, biometrics or biodiversity conservation. Blood test results, DNA sequence, fingerprints. Location of threatened or endangered species.
Sensitive data can be in different formats – numeric, text, images, audio or other formats. If the research includes such data, stricter ethical and security standards need to be respected – in the collection, storage, processing and publication of the data.
It is important to stress that each research sector may have specific types of sensitive data which are not specifically regulated, but which require special care in handling, whether written or unwritten, ethical norms in the sector. For example, this might be the case when dealing with archaeological excavations, rare artefacts or endangered species.
In order to comply with data security, legal and ethical requirements, it is important to use appropriate data protection measures, such as anonymisation or encryption, specific storage and access conditions, and compliance with local and international data protection rules.
It is sometimes difficult to determine whether research data is sensitive and how to securely collect, store, process and analyse it. In such cases, you should contact the data curators at your university or NPC.

Sensitive Data

Sensitive data is any information the disclosure or misuse of which could compromise the privacy, security or safety of an individual, group or organisation, cause discrimination or may be contrary to the public interest.
Type Description Examples
Personal data Direct identifiers directly and unambiguously identify a specific person without additional information and unambiguously point to one specific individual. Name, personal identification number, email address (if it contains a name), location (GPS, IP address).
Personal data can also be indirect identifiers, which are not sufficient on their own to identify a person, but in combination with other data or external information can point to a specific individual. Date of birth or age, gender, ethnicity, postcode, home address, unique socio-economic or lifestyle data.
The General Data Protection Regulation (GDPR ) defines special categories of personal data, the misuse of which may cause particular damage to the individual. These include a person’s racial or ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership, genetic, biometric or health data, criminal convictions and criminal offences.
Confidential data Data whose disclosure could pose risks to organisations or companies or to society as a whole. Financial statements and transaction data, passwords, trade secrets, intellectual property, investigative data, sensitive government data, security or dual-use information.
Biological data Data related to health, genetics, biometrics or biodiversity conservation. Blood test results, DNA sequence, fingerprints. Location of threatened or endangered species.
Sensitive data can be in different formats – numeric, text, images, audio or other formats. If the research includes such data, stricter ethical and security standards need to be respected – in the collection, storage, processing and publication of the data.
It is important to stress that each research sector may have specific types of sensitive data which are not specifically regulated, but which require special care in handling, whether written or unwritten, ethical norms in the sector. For example, this might be the case when dealing with archaeological excavations, rare artefacts or endangered species.
In order to comply with data security, legal and ethical requirements, it is important to use appropriate data protection measures, such as anonymisation or encryption, specific storage and access conditions, and compliance with local and international data protection rules.
It is sometimes difficult to determine whether research data is sensitive and how to securely collect, store, process and analyse it. In such cases, you should contact the data curators at your university or NPC.