Research
  1. About our research
  2. Spotlight on research
  3. Research in our departments and centres
  4. Research publications
  5. Research and Enterprise
  6. City's Research Excellence Framework 2014
  7. Research Degrees
  1. Research ethics
  2. Help and guidance
  3. Research records
Research

Research records

Understanding data and research data management can play a significant role in research project.

How to manage research records

Researchers should keep full and accurate records of research projects.

Research records will:

  • Demonstrate good research practice and strengthen the reliability of research evidence;
  • Safeguard researchers and the City, University of London from allegations of research misconduct;
  • Protect intellectual property rights;
  • Demonstrate compliance with General Data Protection Regulations (GDPR); provisions of Data Protection Bill in due course.
  • Demonstrate effective practices and procedures (including financial management) to internal and external auditors and external sponsors).

What types of records should be kept?

  • Records relating to the administration and financial management of the project (e.g. grant applications, purchase and sales invoices, orders, delivery notes, petty cash vouchers and supporting accounting records).
  • Records of procedures followed and results obtained, including interim results (e.g. participant consent records, protocol documents, risk assessments).
  • Data generated in the course of research (e.g. interview transcripts; diaries; field notes; observational recordings; audio tapes; audio-visual recordings; photographs; press clippings; personal documents; and databases of quantitative data).
  • Records relating to the administration and financial management of the project (e.g. grant applications, purchase and sales invoices, orders, delivery notes, petty cash vouchers and supporting accounting records).

What are the definitions of personal and sensitive personal data under DPA and GDPR?

City’s Data Protection Policy sets out staff and student responsibilities under the legislation and the processing of personal data in City’s research projects.

GDPR defines sensitive data as special categories of personal data and processing this type of personal data requires the explicit consent of the data subject in almost all circumstances.

The table below highlights the differences between DPA and GDPR for sensitive personal data.

Sensitive personal data (DPA) Special categories of personal data (GDPR)
Racial or ethnic origin Racial or ethnic origin
Political opinions Political opinions
Religious beliefs or other beliefs of a similar nature Religious or philosophical beliefs
Trade union membership Trade union membership
Mental and physical health Data concerning health
Sexual life Data concerning a natural person’s sex life or sexual orientation
Commission or alleged commission of any offence, or any proceedings for any offence committed or alleged to have been committed, the disposal of such proceedings or the sentence of any court in such proceedings Similar and extra safeguards are provided in Chapter 2 Article 10 of GDPR.
  Processing of genetic data, biometric data for the purpose of uniquely identifying a natural person

Who is responsible for keeping the records while they are active?

Responsibility for the accuracy, completeness and security of research evidence during a project should lie with the principal investigator.

Extra care should be taken to ensure the security of research material containing personal data, which is subject to the provisions of GDPR and in due course provisions of the Data Protection Bill.