Selecting the right data storage system will help you to work efficiently, safely and securely during your research.
The College provides the following storage options which can be used to store in-project research data:
See here for more information
Up to 25TB of storage space
Secure environment, version control, backups, file sharing
Good for collaborative research projects
Can be used to store personal or sensitive data*
Only staff employed by King's can request and own a SharePoint site
File size limit (200GB)
*Not suitable for patient data
Limited storage space (1TB) and file size (200GB)
Risk that data will be deleted when users leave
Not suitable for patient data
Seek guidance from IT Services before using to store personal data.
General guidance on data storage from IT Services
For additional support from IT Services, email firstname.lastname@example.org or telephone 020 7848 8888.
Where possible, you should store your data using facilities provided by the college. If the use of external devices is unavoidable always ensure that:
Good for extra backups
Extra security can be provided through encryption
Risk of hard drive failure or virus infection
Laptops easily lost or stolen
PC may be less secure than college provided services
Not suitable for long term storage
File sharing, version control and syncing
Most provide secure access and backups (but check terms and conditions)
Not suitable for confidential or sensitive data
Data could be lost if service provider goes out of business
Access to data could be blocked and/or data could be used for other purposes (always check terms and conditions)
Convenient for short-term file transfer and storage
Easily lost or damaged
Limited life-spans (DVDs average 2-5 years)
If you fail to regularly back up your files you risk losing valuable data which could be time consuming and costly to replace and may even prove impossible to replicate. To prevent the loss of important data it is vital that you have measures and strategies in place to back up your data throughout the lifetime of your project.
Make regular checks to ensure that no data has been lost or corrupted when copied (e.g. using a Checksum function)
Watch this useful video from the University of Wisconsin Data Services: 3-2-1 Rule.
IT are responsible for backing up anything stored on the University's networked file servers. You and your colleagues are responsible for ensuring that data stored elsewhere (PCs and laptops, external and portable media devices - see below) are regularly and securely backed up.
The amount and frequency of data backed up will vary, from complete backups of all files to incremental backups which only copy those files changed or altered since the last backup. More information about backup strategies can be found on the UK Data Archive web page Backing-up data.
For further assistance with data storage and data security contact the IT Service Desk: Email email@example.com Telephone 020 7848 8888.
The UK Data Archive have published useful information and guidance on data storage
Data that contains sensitive or confidential information should be treated with higher levels of security. Keeping your data secure allows you to control access and prevent accidental or malicious loss and damage.
General Data Protection Regulation (GDPR)
Additional guidance on data security can also be found on the Information Compliance team's webpages and IT Services webpages.
The college has published an Encryption Policy
SharePoint Online is a file-sharing and collaboration service provided by the college. Only employees of the university are eligible to request ownership of a SharePoint site.
All staff, students and affiliates have access to a One Drive for Business account which enables file sharing with other staff and students at King's.
The King's file transfer service can be used for files which cannot or should not be sent by email.
If the transmission by email of files containing personal data is unavoidable, any documents containing personal data or confidential information should be encrypted and passwords or key codes sent separately from the data.
Guidance on email encryption
To comply with the GDPR, personal data can only be transferred to territories outside of the EU if that country is considered to have an adequate level of personal data protection or contractual commitments to provide adequate levels of protection have been agreed with the intended recipient:
... a controller or processor may transfer personal data to a third country or an international organisation only if the controller or processor has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available– GDPR, Article 46(1)
If you are transferring personal data from a country or territory outside the United Kingdom or the EU you must ensure that the collection and transfer of the data complies with the General Data Protection Regulation (GDPR) and any equivalent legislation in that country or territory. For digital files use SharePoint Online, One Drive for Business or the File Transfer Service. For paper and other non-digital records we recommend that you try and keep the records with you on the flight (i.e.in hand luggage) if this is possible.
If the postal service must be used as a form of transfer, data should be sent by secure courier or recorded delivery. King's has agreed terms with City Sprint for national and international courier services.
If you are sharing personal or other sensitive data it is a good idea to have a data sharing agreement in place. A data sharing agreement sets out a common set of rules to be adopted by the various parties involved in any data sharing activities.
The Information Compliance team can provide assistance with drawing up a data sharing agreement.
Research involving human subjects is subject to legal and ethical obligations, including:
Source: UK Data Service - Ethical Obligations
All research involving human participants undertaken at King's requires ethical approval (see the Research Ethics Office webpages for further information) and processing of personal data must be done in compliance with the General Data Protection Regulation (GDPR).
The Information Commissioner's Office's (ICO) have published a useful Guide to the GDPR describing the principles under which data must be processed.
Personal data is defined by the GDPR as any data that relates to a living individual, or information which could lead to an individual being identified if combined with other data.
Special category personal data is subject to more stringent rules about how it should be managed and is defined as data containing any information that relates to:
While not explicitly special category data, the following should also be treated in the same manner:
+44 (0)20 7848 1030
Browser does not support script.