Skip to main content

Research Data Management: Ethical Issues

Bringing together University resources and services to facilitate researchers in the production of high quality data.


A number of ethical and legal requirements apply to the management of research data, particularly where the research involves human subjects. Ethical considerations include the purpose and nature of the research itself, the nature of consent obtained (e.g. opt-in versus opt-out participation) and what data need to be safeguarded during analysis, etc.

It is mandatory that all research conducted in UCD or by UCD staff or students that involves human participants or animals must be ethically reviewed and approved  by either the Human Research Ethics Committees (HREC) or the Animal Research Ethics Committee (AREC). 

Much research data about people – even sensitive data – can be shared ethically and legally if researchers employ strategies of informed consent, anonymisation and controlled access to data.

For example, the Growing up in Ireland study uses all these strategies in order to make their extensive data freely available to researchers.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) will come into force on the 25th May 2018, replacing the existing data protection framework under the EU Data Protection Directive. To find out more please follow the links below.

When it can all go wrong....

Report into dysfunctional households breached ethical standards, claims researcher:

"Using freedom of information requests, Nick Bailey, a lecturer in the University of Glasgow's school of social and political sciences, claims that the head of the Troubled Families Unit, Louise Casey, did not 'seek or obtain ethical approval' from families interviewed in a much-heralded report published in July."

"Bailey also points out that while the names of the 16 families interviewed had been changed, the details on the number, age and gender of children had not, making it possible to identify them."

24 Oct 2012. The Guardian

ANDS Publishing and Sharing Sensitive Data Decision Tree

The Australian National Data Service (ANDS) has made available a useful decision tree on publishing and sharing sensitive data. Their website also contains a lot of useful information, including a guide and presentation.

Research Ethics and New Forms of Data for Social and Economic Research

This report sets out some basic rules that underpin an ethical approach to research using new forms of data for social and economic research. These rules and the interpretation that we place upon them give rise to a set of recommendations designed to provide a framework for the ethical governance of research using such data. There are assumptions and limitations underpinning these recommendations – they are not cost-free and will be easier to apply in countries with established research ethics procedures, particularly where research organisations and data owners have access to ethical review bodies. The sharing of expertise on, and knowledge about, research ethics between countries is critical to the creation of a common and cost-efficient ethical environment for social scientific research.

OECD (2016), "Research Ethics and New Forms of Data for Social and Economic Research", OECD Science, Technology and Industry Policy Papers, No. 34, OECD Publishing, Paris.

Informed Consent

"Informed consent is an ethical requirement for most research and must be considered and implemented throughout the research lifecycle, from planning to publication. Gaining consent must include making provision for sharing data and take into account any immediate or future uses of data…. Contrary to what some researchers or research participants believe, even sensitive materials can be shared ethically. At a minimum consent forms should not preclude data sharing, such as promising to destroy data unnecessarily.”

UK Data Archive

Core principles:

  • consent must be freely given with sufficient detail to indicate what participating in the study will involve
  • there must be active communication between the parties - what is expected from participants and why their participation is required
  • documentation outlining consent has to differentiate between consent to participate and consent to allow data to be published and shared; view a sample information sheet here:
  • consent cannot be inferred from a non-response to a communication such as a letter or invitation to participate.

See also:


“Before data obtained from research with people can be shared with other researchers or archived, you may need to anonymise them so that individuals, organisations or businesses cannot be identified… Re-users of data have the same legal and ethical obligation to NOT disclose confidential information as primary users. ” (UK Data Archive)

Procedures to anonymise data should always be considered alongside obtaining informed consent for data sharing or imposing access restrictions.

A person's identity can be disclosed from:

  • direct identifiers such as names, addresses, postcode information, telephone numbers or pictures
  • indirect identifiers which, when linked with other publicly available information sources, could identify someone, e.g. information on workplace, occupation or exceptional values of characteristics like salary or age

Anonymising research data can be time consuming and therefore costly. Early planning can help reduce the costs.

For more information and guidance on both quantitative and qualitative anonymisation please refer to:


The Office of Research Ethics: provides support and advice, including one-to-one consultations, for researchers going through the ethics review process. Contact the Research Ethics team at

Professor Lynn Jamieson

Prof Lynn Jamieson, Centre for Research on Families and Relationships, University of Edinburgh, talks about obtaining consent from research subjects for data to be shared in this short (1’ 27”) video:

Access Control

Mixed levels of access control may be put in place for some data, combining controlled access to confidential data with standard access to non-confidential data. For example, studies such as Growing up in Ireland (GUI) have two levels of access based on the different types of files:

Anonymised Microdata Files (AMFs) – non-confidential and anonymised files are freely and speedily available to researchers through the Irish Social Science Data Archive.

Research Microdata Files (RMFs) – where more detailed or confidential data are required an application is made directly to the GUI team. If successful the data may be accessed only in a secure, non-networked and “locked-down” environment.

Safeguarding Privacy in Academic Research