Storage during the project
Digital data regarding the project will be stored on bulk storage volumes of the University Medical Center Utrecht. These volumes are mirrored to ensure redundancy by physically separating copies and extensive measures are taken to ensure security and integrity. For specifics, see Storage Appendix.
Personally identifiable data (as defined by the ‘Wet bescherming persoonsgegevens’, http://wetten.overheid.nl/BWBR0011468/2016-01-01 and the ‘Wet op de geneeskundige behandelingsovereenkomst’, http://wetten.overheid.nl/BWBR0005290/2017-01-01) will be stored behind the firewalls of the hospital, ensuring the privacy of the patient and protection of the data. If there is a need to store any sensitive data on a portable device, the corresponding data or drive will be encrypted and password locked. In case of transferring the data electronically, encryption with password protection will be applied and transmitted over secure connections. For further details on the use of personally identifiable information, see Privacy regulations Appendix.
Data access, sharing and long term archiving
All products from this project will be made available by submission to [select correct repository at https://www.ebi.ac.uk/submission/] unless a more appropriate facility can be identified. Datasets submitted to an EBI repository will be available indefinitely as specified by EBI. In case of ethical concerns or scientific competitiveness some parts of the dataset can be restricted as needed. All data will be described by extensive metadata, documentation, the license and instructions for reuse of the data (Data Access Agreement). The independent Data Access Committee will preside on access requests from external parties. The selected repository will assign a DOI/accession number to the dataset, making it cite-able, findable and reusable. Data management and stewardship policies within the UMC Utrecht Center for Molecular Medicine are developed and implemented by the Utrecht Bioinformatics Expertise Core (UBEC, http://www.ubec.nl). We strive to make data as FAIR (Findable, Accessible, Interoperable and Reusable) as possible by regularly improving policies and active monitoring and facilitation of metadata collection. For more information, see Data access, sharing and long term archiving Appendix.
Synchronization between the two locations takes place once an hour. Snapshots are created each hour and maintained for 90 days. There is a separation of bulk storage solutions for the research and patient-care domains, keeping patient and research data separate.
Privacy regulations Appendix
When personally identifiable information is used within a research project, protocols are in place to ensure correct pseudonymization of the data. Since genomic data can indirectly lead to identification of a person, it should be classified as a restricted dataset.
Data access, sharing and long term archiving Appendix
The independent Data Access Committee can be reached by email at DACDBG@umcutrecht.nl. The UBEC strives to make data as FAIR (Findable, Accessible, Interoperable and Reusable) as possible. To implement this, a scale of 'FAIR-ness' is considered:
- Making the data findable by assigning a DOI to the set. The DOI can be used to cite the data. By using the selected repository this prerequisite is already met (accession/DOI number automatically assigned).
- Linking FAIR metadata to the dataset. If metadata is linked, it is available for complex queries and machine searches.
- Options for both restricted and open access datasets should be available. This means a (semi-)automated process for access to the dataset and a Data Access Committee in place.
- Making the dataset itself functionally linked. This makes the dataset searchable for humans and machines, making it fully available for reuse.