University of Reading cookie policy

We use cookies on reading.ac.uk to improve your experience, monitor site performance and tailor content to you.

Read our cookie policy to find out how to manage your cookie settings.

Data storage

Data collected under the authority of the University should be stored in University cloud or network infrastructure during the active phase of the project. Both University cloud and local network storage provide data security, replication in separate data centres, automated backup, and 3-month file recovery. Raw data and master versions of files should be stored here as read-only files with appropriate access controls. Sensitive/confidential data can also be stored in these locations.

Data collected in the field should be stored securely, backed up using local devices in the absence of an internet connection, and transferred at the earliest opportunity to the primary storage location.

University storage solutions

The University storage solutions described below can be used to store and share research data. They are all suitable for the storage of personal data and other confidential information (OneDrive and Teams both use the University SharePoint service, maintained on UK-based servers). Care should be taken if you store confidential information in OneDrive and Teams, as these both allow file sharing, including with people outside the University.

Information about these services and how to apply for them can be found under File Storage (login required) in the DTS service catalogue.

  • Microsoft Teams provides high-capacity file storage and sharing capability. It will be a suitable first-choice solution for most projects. The Team provides group ownership of files, which mitigates the risk of files being lost if someone leaves the University. DTS provides information about Microsoft Teams. Teams sites can be requested via DTS (login required).
  • Your University OneDrive account allows you to store and share up to 2 TB of data at no cost. Note that OneDrive accounts and any files stored in them are deleted when account owners leave the University. You should ensure any files stored in OneDrive and that need to be retained are handed over when you are preparing to leave the University. DTS provides information about OneDrive.
  • The University's Research Data Storage service is a high-volume data storage service provided at different specifications and costs (per TB per year). This may be more efficient than Teams or OneDrive for storing and processing large volumes of data. Capacity can be requested in increments of 0.5 TB. The minimum subscription term is one month. For grant costing purposes we would recommend costing by the year. Information about the service is available on the Academic Computing Team website.
  • For group access with small to medium-volume storage requirements, staff can set up a collaborative share for the project of up to 100 GB at no cost (thereafter £1.20 per GB per year). But Teams is the preferred solution to meet requirements for collaborative file access.

For those undertaking computing-intensive research, the Academic Computing Team website provides information about the Reading Research Cloud computing platform and the Reading Academic Computing Cluster.

If data are acquired using specialist infrastructure, such as the ISIS neutron and muon source, or the JASMIN supercomputing environment, raw data may be stored in the facility infrastructure, and data copied or extracted locally as required.

You may need to address storage of non-digital data, e.g. signed consent forms, in appropriate secure environments.

Information security

The basic principle of information security is that information should be accessible only to those for whom access is authorised. In the case of confidential and legally-protected information, such as personal data, this principle must be observed with care and you must put in place appropriate access controls to keep data safe from unauthorised access.

Confidential information should be managed in accordance with the University's Data Protection, Encryption and Remote Working policies, which can be found on the Information Compliance Policies web page. Information about sensible approaches to the storage and sharing of personal data can be found in the IMPS guide to data protection for researchers.

The University network and OneDrive provide warranted security for the storage of confidential information. Data can be transferred to the University network via VPN, which is an encrypted channel, and can be safely moved between devices and shared with others using your OneDrive account. Microsoft Teams can be used to store/share confidential information, but should be used with care, as any member or guest of a Team or channel will have access to all its files.

If you are using personal and portable devices to collect and store confidential data, such as audio recorders, video cameras, laptops and tablets, removable hard drives, and USB sticks, the devices should be encrypted. Guidance is provided in the Encryption Policy.

Device-level protection may not in itself be sufficient if the data are highly sensitive. You may additionally need to password-protect individual files, or better still encrypt them or the folder area in which they are stored. The University's Encryption Policy provides instructions on how to encrypt files and storage areas. The UK Data Service also provides guidance on data encryption methods.

Be aware of the risks involved in using third-party services other than those provided through the University. Use of personal accounts in third-party platforms (i.e. other than your University Office 365 account) is not covered by data processing agreements with the University. Using such services to store and transfer personal data could put you in violation of the UK Data Protection Act. The University provides access to a number of approved online survey tools. If you wish to use an alternative third-party supplier for data collection or processing, contact your DTS Business Relationship Manager to discuss your requirements.

You should also be careful about transferring confidential data by other unsecured methods, such as email. Data transmitted via email are likely to pass through and remain on a number of servers, so avoid sending confidential data by such means. If you do send confidential information by email, you should at the least encrypt files.

Another approach to the storage of personal data is to remove individual identifiers from a data file (such as participants' names and contact details) and store them in a separate secure location. You can use a unique ID or pseudonym to maintain the link between the personal data and the related data held separately.

We provide more information about compliance with ethical and legal obligations in the storage and processing of information on the Research ethics and data protection web page.

Physical data

Physical data should be stored in offices or other storage areas that can be locked and are accessible only by authorised persons. If the data are stored in offices that remain open throughout the day, they should be kept in a locked storage area, such as a desk drawer, cupboard or filing cabinet.

Signed consent forms or other non-digital records may contain identifying information and should be stored separately from data files, although an anonymous ID system can help link the two sets of materials together if required (e.g. for re-contacting purposes).

Contact us

Email

Robert Darby, Research Data Manager

researchdata@reading.ac.uk

0118 378 6161