When planning your research data management and writing your data management plan, start by using the information here on the employee web and the support provided in the data management plan template. If you have further questions, contact the support functions listed below.

General questions

If you have general enquiries about data management for a research project, or do not know where to direct your question, contact Data Management Support via datahantering@sh.se.

Legal questions

If you have legal questions about data management, such as about processing personal data, please contact the data protection officer at dataskydd@sh.se.

Questions about archiving

Questions about archiving research data can be addressed to the archivist at arkivarie@sh.se.

Software and technical issues

Software is ordered via the employee web → My page → Computer and software cases → Order software. Questions about software purchases can be sent to licenser@sh.se.

If you experience technical issues with the university’s computers or IT systems, register a case with IT support on the employee web, under My page.

All research data used in research projects at Södertörn University must be managed in a legally correct manner and in accordance with good research practice. Research misconduct is a serious deviation from good research practice, specifically taking the form of fabrication, falsification or plagiarism. You can read about research misconduct and good research practice on the employee web.

When it comes to research data management, good research practice includes:

• Managing the subjects in your research with respect and care and in accordance with legal and ethical regulations.
• Designing, conducting and documenting data management in a careful and well-considered way.
• You and the university ensuring that research data is managed and appropriately retained for a reasonable time.
• You and the university ensuring that data is available as openly as possible and as restricted as necessary and, where applicable, in accordance with the principles of FAIR data management (read more in the section on Open publication of research data further down this page).

All staff at Södertörn University have joint responsibility for ensuring compliance with good research practice. If you suspect any deviations from good research practise, you should contact the university’s Council for Research Ethics.

Will you process personal data as part of your research project?

Personal data is information that can be linked to a living person. Information about deceased persons is not considered personal data.

Personal data includes:

• name
• address
• personal ID number
• email address
• ID card number/passport number
• telephone number
• IP address
• car registration number

Video and audio recordings, such as recorded interviews, are also considered personal data, because individuals can often be identified from faces or voices.

Some personal data are considered privacy-sensitive and should be given extra protection. These include:

• information about salaries
• evaluative information (such as results from personality tests)
• information about social relationships
• personal ID number

If your project processes personal data, specific requirements must be fulfilled for the processing to be lawful. Try not to collect personal data if it is not necessary for your research and you can avoid including it in the project’s data.

If you are going to process personal data, you must read Personal data in research at the employee web.

Sensitive personal data requires an approved ethical review before processing.

This concerns data of the following types:

• ethnicity
• political opinions
• religious or philosophical beliefs
• membership in a trade union
• health and medical history
• a person’s sex life or sexual orientation
• genetic information
• biometric information that is used to unambiguously identify a person
• criminal convictions, proceedings and offences

As with all personal data, avoid collecting sensitive personal data if this information is not necessary for your research.

Data on criminal offences are not sensitive personal data under the GDPR, but still require an approved ethical review before processing,

If you are going to process sensitive personal data in your project, read more about Ethical review at the employee web.

Your data may require additional protection because it contains information such as trade secrets or about security-sensitive activities. If you have any questions about this, you can contact the data protection officer: dataskydd@sh.se.

NB! If your data falls under the Säkerhetsskyddslagen (2018:585) External link, opens in new window., you must contact the director of Campus and ICT Services.

Information classification describes how sensitive or worthy of protection a particular data set is. For research data, the information classification primarily indicates how data should be stored and shared. The classification is also used during the confidentiality assessment that needs to be conducted if there is a disclosure request for your research data, as an official document.

Three security aspects

The university’s model for information classification has three security aspects:

• Confidentiality
  Data may not be accessed by unauthorised persons.
• Integrity
  Data must be accurate and reliable, i.e. not altered or destroyed.
• Availability
  Data is accessible and usable by authorised persons when needed.

Each of the three safety aspects is given a classification from 0 to 3. This classification is based on an assessment of the severity of the consequences if a security aspect fails.

How the university’s research data is classified

Södertörn University’s research data are given the following standard classifications:

• All research data are class 2 in the integrity and availability categories.
• No research data has class 0 for confidentiality.

As a researcher, you thus only need to assess whether your data is class 1, 2 or 3 as regards confidentiality.

When you classify your data, you can divide it into data sets. One data set may consist of one or more files. Each data set is then given a confidentiality classification.

Guide to confidentiality classification

Class 3

Personal data that includes information of the following type:

• ethnicity
• political opinions
• religious or philosophical beliefs
• union membership
• a person’s health or sex life
• genetic or biometric data
• information relating to criminal offences, for example that someone has committed a crime or is suspected of a crime

Also: code keys for pseudonymised personal data that contains information of the types listed above, and information that is confidential for other reasons, such as national or trade secrets.

Class 2

Information containing privacy-sensitive personal data:

• information about salaries
• evaluative information (such as results from personality tests)
• information about social relationships
• personal ID number

Also: code keys for pseudonymised privacy-sensitive personal data.

Class 1

All other research data.

How you may store and share the data set during and after the project is now determined by the confidentiality classification you have given it. (See the section on Approved storage spaces, below.)

Read more in the section on examples of information security and classification on the employee web (in Swedish).

The table below shows the storage spaces for research data that are provided by the university. You can see there which types of project participants (internal or external to SH) may be given access to the space. You can also see what confidentiality classes the space is approved for. Storage of class 3 data may require manual encryption with a personal key, see the box Data encryption, below.

Dataspar

Dataspar is an internal network drive on a local server that is specifically for research data and can only be accessed by people with an SH account. The storage space is approved for all confidentiality classes and does not require manual encryption. You can order a project folder on Dataspar via the employee web, at My page → ICT cases → Order storage space on Dataspar.

SH Teams

This is Södertörn University’s procured Microsoft Teams, and the recommended solution for sharing research data with external project participants. A research project can create a team to which internal and external project participants can be invited. You create a new Team for your project on the employee web, under Tools → Teams. Class 3 data must be manually encrypted if stored in Teams (see box on encryption, below).

SH OneDrive

This is Södertörn University's procured Microsoft OneDrive, to which all university computers automatically connect. Individual files and folders can be shared with external parties. OneDrive is less structured than Teams. Shared content is deleted if the owner is no longer employed by the university. Class 3 data must be manually encrypted if shared from OneDrive (see box below).

SH email

Research data with confidentiality class 2 or 3 must be manually encrypted if shared in an email (see box on encryption, below).

Other storage spaces and cloud services

Box, DropBox, Google Drive, private OneDrives and other external cloud services are not approved for the storage of research data, as no official backups are made.

The university has a responsibility to ensure that research data is not destroyed or lost, so they must be stored where backups are made regularly. Therefore, research data may be stored on external storage devices such as USB sticks, external hard drives, local laptop hard drives, measuring instruments and recording equipment only while strictly necessary (e.g. during data collection in the field). These data must be transferred to one of the approved storage spaces listed in the table above as soon as possible.

When measuring instruments and recording equipment are used to collect data with confidentiality class 2 or 3, you must ensure that the data is not automatically uploaded to a cloud service such as Samsung Cloud or iCloud (Apple). Make sure you switch off this feature in the app before starting to collect data.

Research data generated in projects at Södertörn University are normally official documents and included in the university archive. They can therefore be requested by the public in accordance with the principle of public access to official documents. It is also vital that research can be reviewed, such as in the event of suspected research fraud. The retention of research data is therefore also an important element of good research practice.

According to university regulations, research data must be retained for ten years. After that period, the project leader for the project in which the data was generated, or the head of school or equivalent if the project leader is no longer at the university, should decide whether the data set can be deleted (weeded) or whether it should be permanently preserved. The university archivist can assist during this deletion review.

Södertörns högskolas Informationshanteringsplan (in Swedish) is the governing document.

Only data files of the following types must be retained. Please note that the same data set can fulfil several of these conditions, and that satisfying one of the conditions is sufficient for it to have to be retained.

Raw data files

This includes, for example, unprocessed survey responses, audio and video recordings and images, and files created by measuring instruments.

Data files that have served as the basis for a scholarly publication

Data necessary for conclusions in a published, peer-reviewed article or book must be retained. Research results that have only been presented at a conference or published somewhere as a draft without peer review are not included.

Data files that are regarded as finalised

All data files that have been finalised—i.e. no additions or other changes will be made—must be retained. Data material that is unfinished and currently being processed does not need to be retained, unless it fulfils one of the other conditions.

NB! Data requested from archives or registers of Swedish government agencies, which have not been processed to the point that significantly new data objects have been created, do not need to be archived at Södertörn University. However, for smaller data sets, it can be convenient to keep copies of these data together with the project’s other data.

If you have research data from a previous project on a local hard drive or external storage device, you should move it to the approved storage space for long-term retention.

Instructions:

1. Make sure that the project the data set belongs to has a registration number. If the project does not have a registration number, request one from the chief records officer according to the procedure described in Requesting a registration number on the employee web External link..
2. Order a folder on the Dataspar storage space on the employee web under My page → ICT cases → Order storage space on Dataspar.
3. Move your old data to the data archive folder in the new storage space by following the instructions in the sections above.

Making research data openly available entails documenting them and publishing them openly, so others can find them and use them in a new context.

Harmless data can usually be made directly downloadable, while other data is only disclosed to someone if specific conditions are met. Read more about this in the section What data can be made available? below.

There are good reasons to make research data openly available. One important reason is research transparency and the potential to examine research results. Another objective with making data available is to get as much good as possible out of the investment made during data collection, by researchers, research subjects and funders, by making it possible to reuse data. For these reasons, it is the goal of the Swedish government that by 2026 all research data generated with public funding is made as openly available as ethical and legal considerations allow. Read more in the government bill, Proposition 2024/25:60, Forskning och innovation för framtid, nyfikenhet och nytta External link. (in Swedish).

Three things that available data should or must have:

A permanent link

A minimum requirement for a data set to be considered openly available is that it has a permanent link, called a persistent identifier (PID). This link can be used to refer to the data set, for example in a publication, and by following the link the data set can be directly downloaded or requested. There are different standards for persistent identifiers; the one most used for research data is called a DOI (Digital Object Identifier) External link..

Descriptive metadata and documentation

This is information about the data set, and includes things like the research field, data format, and time, place and method of collection. Some information is machine-readable and used by a search engine to find data sets and filter search results. Other documentation is necessary to ensure that the data set can be used in a rigorous manner, for example in a new research context.

Standard formats

Using open and well-documented standard formats for the data files allows them to be read by new users without specialised software, now and in the future.

The FAIR principles are an evolution of the requirements for making research data available. FAIR stands for Findable, Accessible, Interoperable and Reusable. FAIR is a vital element of the work on open science. You can read more about FAIR at The Swedish Research Council External link..

Available research data are stored in a repository, also called a catalogue. Data published in the repository can be found using a web search engine. Some data sets, once found, can be freely downloaded, others require you to send a request for disclosure if access requires that certain conditions are met.

The organisation that runs the repository assigns a DOI to each uploaded data set. The repository can also place requirements on data uploads to ensure some degree of compliance with the FAIR principles. Research data repositories may thus be of varying quality, depending on how well their data conform to the FAIR principles.

There are many different research data repositories, of varied quality and focusing on different research fields. If a research project at Södertörn University does not have specific reasons for choosing another repository, we recommend the Swedish National Data Service's (SND) research data catalogue External link.. SND’s repository maintains a high standard, meaning that research data stored there can be found base on good metadata and are well documented.

Data published at SND are searchable using Researchdata.se External link., the Swedish dataportal External link., the European dataportal External link., Google Dataset Search External link. and other international search engines.

Read more about how to publish your research data with SND. External link.

Researchdata.se also has information about making research data openly available. External link.

The university’s Data Management Support can help you with the publication. Contact them via datahantering@sh.se.

Some research data can be made available without restrictions, so a user can download the data set directly. This could be data that does not contain any personal data, trade secrets or national secrets, and is not protected by copyright.

Other research data can be made available with limited access. This means that a description of the data set (its metadata) can be found by following a DOI or getting a hit in a search engine, but the data set cannot be downloaded; instead, it must be requested. In the event of such a request, a confidentiality review is performed. If the client does not fulfil the conditions for accessing the data set, the data is not released.

Making available just the metadata for a dataset that for some reason cannot be shared freely, and not the actual data, is also a way of following the FAIR principles and is therefore encouraged.

You can read more about which types of data cannot be made available without restrictions at Researchdata.se External link..

There are several ways of finding openly available data sets.

Find data via a persistent identifier

A DOI is a persistent identifier, i.e. a permanent link to the openly available data set (or just its metadata) that can be used to reference the data set, for example in a publication. A DOI can look like this: https://doi.org/10.7937/NC7Z-4F76 External link.. The link can be followed in an ordinary web browser.

Finding data via a search engine

You can also search for research data for which you do not have a DOI in a search engine on the web. Many of these search engines will search several repositories, such as the SND research data catalogue. These include:

Researchdata.se

Researchdata.se External link. searches several Swedish research data repositories.

Sveriges dataportal

Sveriges dataportal External link. searches Swedish research data and openly available data from government agencies.

Data.Europa.Eu

Data.Europa.Eu External link. is the European data portal and searches through available European research data and other available European data from public authorities and others.

Google Dataset Search

Google Dataset Search External link. is a search engine for data sets and searches research data repositories internationally.

Re3data.org

Re3data.org External link. is a catalogue of research data repositories. You can search for repositories, for example by subject, or browse among registered repositories External link..

If you are going to use openly available data

What follows are some things to consider if you use openly available research data in your own work.

As with other published research, good research practice requires that you cite openly available data sets you have used in your work. Usually, the citation should take the same form as a bibliographic citation and include the data sets’ DOI.

A data set may have specific terms of use, specified in a licence. Ensure your use does not violate these terms.

If you request a data set that has been published with restricted access, you will usually specify what you are going to use the data set for, and you may not use it for anything other than what you specified.

You can read more about what you need to do when reusing open available research data at Researchdata.se External link..