Close
Collaborators can play a large part in studies that handle confidential information. This page explains how this can be done properly.
Most commonly,Ìýa study's academicÌýpartners will not want to access identifiable personal data. This means that adequate steps must be taken to anonymise the data before sharing. If youÌýobtained personal data directly rather than from a third party, adequately anonymised data is usually, although not always, OK to share with a study partner provided this is done within SLMS policies and procedures;Ìýwhen you obtain data from a third party, even ifÌýyou deem it to be anonymised, you need to get permission fromÌýthe provider in the first instance (it will not be your decision to determine whether the data are anonymised asÌýyou will be working with data obtained indirectly from another Data Controller). An example where it may not be appropriate to determine yourself whether data have been adequately anonymised before sharingÌýdata obtained directly would be when your organisation is a Joint Data Controller or a Data Controller in Common with another organisation and the terms of the Controllers' agreement define what are 'adequately anonymised' data and you have not applied this correctly.
Equally when you share data with a collaborator, it is the information asset owner's responsibility to ensure they work in line withÌýUCL's information security policy and that the collaborator does not onwardly share the data you provide them to someone else without seeking permissionÌýfirst.
Where collaborators wish to use potentially identifiable data see our guide on working with third parties.
For assistance with data sharing (or ‘data transfer’) associated with sponsored research please seeÌýtheÌýUCL Material Transfer Agreements (MTA) guidance and policy, owned by Research and Innovation Services.
Ìý