Data Processing - data privacy and sensitive data- Elli Papadopoulou (Librarian at Athena R.C. / OpenAIRE NOAD for Greece) Presented : at OpenAIRE - EOSC-hub webinar “Data Privacy and Sensitive Data Services” https://www.openaire.eu/item/openaire-eosc-hub-webinar-data-privacy-and-sensitive-data-services https://www.openaire.eu/item/openaire-eosc-hub-webinar-data-privacy-and-sensitive-data-services

1. @EOSC_eu@OpenAIRE_eu |
www.eosc-hub.eu
www.openaire.eu
6th December 2018

2. data privacy and sensitive data
Elli Papadopoulou
Librarian at Athena R.C. /
OpenAIRE NOAD for Greece
Data Processing
6th December 2018

3. 1. Data Processing
2. Data Privacy &
Sensitive Data
● What is data processing
● Where is it positioned in a data
management lifecycle
● What are its components
● What are the key elements of data
privacy
● How to handle sensitive data
6th December 2018

4. 1. Data Processing

5. • the operational phase during which raw data is being manipulated to
result to meaningful information
• what data? textual, images, audio (and their metadata!)
- electronic, digital, analog, physical
What is Data Processing
6th December 2018

6. • Handling/curation of data
• Between data collection and
data preservation
• Involves processes such as:
ingestion, aggregation,
analysis, classification,
metadata enrichment,
organisation, validation,
storing, etc.
• There might be re-processing
of data (e.g. data migration)
• Data disposal
Data Management
Lifecycle
Data Processing
6th December 2018

7. -Type of data: what has been used or generated (e.g. software) during research
process and support/validate its outcomes
-Format of data: one format for analysis and then convert to a standard format (more
sustainable: .rtf, .xml, .tif, .wav; proprietary: .doc, .jpg, .mp3)
-Metadata: use metadata standards
-Persistent Identifiers (PIDs): a long lasting reference to a document, file or other
object - many repositories will assign them in deposit
● (Research) Data Management policies or repository policies -
retention, withdrawal, format, metadata standards, storage, etc
Data Processing in a Data Management Plan and FAIR manner

8. 2. Data Privacy &
Sensitive Data

9. In force since 25 May 2018
Data Privacy or Data Protection - The legal framework
Intellectual Property Rights -
Copyright
Also: Trade secrets directive &
unitary patent system

10. - Personal data (and metadata)
- Confidential data (trade secrets, investigations,...)
- Security data (passwords, financial information,
national safety, military,….)
- Data protected by Intellectual Property Rights (IPR)
- Location Data/GPS/mobile phones
- Endangered (plant or animal) species, where their
survival is dependent on the protection of their
location data (biodiversity community)
- Combination of different datasets could lead to
sensitive data?
Types of sensitive data
- racial or ethnic origin
- political opinions
- religious or philosophical
beliefs
- trade union membership
- genetic data, biometric data
- physical or mental health
- sex life or sexual orientation
- criminal offences

11. - Access controls
- passwords, firewall (viruses,
hacking)
- Anonymisation
- removing or aggregating variables
or reducing the precision or detailed
textual meaning of a variable
- Encryption
- encoded digital information
Data Security and Sensitive data - best practices
- Share in a secure place
- no cloud drives
- Store in an isolated machine
- server not connected to
Internet
- Secure disposal
- no data recovery is possible
(uninstall)

12. - DANs https://dans.knaw.nl/en/training-consultancy
- UK Data Archive https://www.ukdataservice.ac.uk/manage-data
- CESSDA Data Management Expert Guide
https://www.cessda.eu/Training/Training-Resources/Library/Data-
Management-Expert-Guide
- DCC Curation Lifecycle Lifecycle
http://www.dcc.ac.uk/resources/curation-lifecycle-model
- Amnesia (anonymisation tool) https://amnesia.openaire.eu/
Useful Resources

13. @EOSC_eu
@openaire_eu
Questions ?

14. Elli Papadopoulou
elli.p@imis.athena-innovation.gr
Thank you!