Skip to Main Content

Research Data Management: High-Risk Data

Research Data Management (RDM) Library guide

Data Management Plans (DMPs) - High-risk data

High-risk data should be documented in the Data Management Plan before the start of the project along with the safeguards that will be in place to mitigate any risks.

These should be documented in the following sections/questions of the BU Data Management Plan (DMP) template:

Ethical and legal compliance

Storage, back-up, and security

High-risk data

In addition to special category personal data, BU's Information asset classification page lists the types of information considered high-risk. It includes things like:

  • Commercially sensitive information
  • Legally privileged information
  • Intellectual property that is under development and subject to patent/intended for commercialisation
  • Any information subject to a confidentiality agreement

This isn't an exhaustive list. It is anything whereby inappropriate disclosure could:

  • Cause significant damage to the University's reputation or operations
  • Cause great distress to individuals
  • Pose a danger to personal safety, to life, national security, cybersecurity etc.
  • Impede the investigation or facilitate the commission of serious crime
  • Substantial financial or legal penalties

High-risk data should be documented in the Data Management Plan before the start of the project along with the safeguards that will be in place to mitigate any risks.