Planning for sensitive data
If your research project involves working with personal or sensitive data, then you should contact the Research Ethics and Governance team. They can help you manage data ethics, and ensure that adequate protections are in place to protect the data. They can also provide templates for Consent Forms and Patient Information Sheets.
GDPR for researchers
On the 25th May 2018, the General Data Protection Regulation (GDPR) replaced the Data Protection Act. This new regulation imposes stringent requirements for protection and accountability, and the GDPR data protection principles can be found at https://www.exeter.ac.uk/staff/gdpr/principles/.
Under GDPR, all research projects that involve the processing of personal data should ensure that they have completed a data management plan that incorporates a Data Protection Impact Assessment (DPIA). Further details on how GDPR may impact your research, and guidance on completing a DPIA, can be found on the GDPR for researchers page, and all queries should be directed to the Research Ethics and Governance team.