Skip to Main Content

Research data management

Research data management (RDM) refers to the administration of data throughout a research project, including requirements on preservation and sharing after the project ends.

Restricting access to research data

There are several reasons why you can justify withholding your research data. Withholding data means taking a decision not to openly publish them, even if there are obligations to funders or publishers to openly share the outputs of research.

Research funders with data sharing policies typically require that research data are made as openly available as possible, recognising that there may be legal, ethical, or commercial reasons why access to some data may need to be restricted. These restrictions typically apply at all stages of a project so that the research process is not damaged by inappropriate release of data.

Access to research data does not have to be completely open. If there are justified reasons why some research data cannot or should not be made openly available, it may still be possible to share subsets of your data either through use of consent and anonymisation, or by regulating and restricting access to specific users. This should always be considered in preference to a blanket restriction.

Even if data are identified as unsuitable for open access, other data management requirements will still apply. A data management plan should be used to identify and document reasons for withholding data and publications should still include a data availability statement. This statement should include reasons why the data are not openly available and, if possible, conditions for access being granted.

The information provides guidance to help you determine whether you may be justified in withholding your research data from publication. If you are unsure as to whether you could or should make your data openly available, please email the library research support team before you publish your data.


Personal and sensitive data

Personal data must be handled in accordance with EU (GDPR) and UK (DPA 2018) data protection legislation. Personal data must not be shared with any third party without the valid consent of the person to which it relates. 

Personal data can be shared provided that valid consent has been gained, and provided that the data have been anonymised. Anonymised data should remove both direct identifiers (names, addresses) and indirect identifiers (workplace, age), so that identifiers cannot be combined to reveal an individual’s identity.

Sensitive data should also be anonymised or redacted prior to sharing. Sensitive data might include the locations of endangered plant or animal species, organisational information, and data which might place participants, the public, or vulnerable groups at risk (for example, data about marginalised communities may be vulnerable to malicious use, domestic energy usage data could be used to determine occupancy and vacancy patterns in participants’ homes).


Intellectual property and contractual obligations

You must not share your data if you do not have the right to do so, or if this would be in breach of Intellectual Property Rights, your funding contract or collaboration agreement, or a confidentiality clause. However, it may be possible to share such data with other researchers, subject to non-disclosure agreements. For advice on the University’s Intellectual Property policies, guidelines, and processes, please see the Cranfield University Policy on Intellectual Property.