Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Anpassungen an RDMGs und Fussnoten bei 1 beginnend

About this page

A DMP is expected for any research project with clear temporal boundaries that is conducted at ETH Zurich (see Guidelines for Research Data Management at ETH Zurich). The purpose of this Data Management Plan (DMP) template and instructions is to assist ETH researchers with writing a DMP in line with good practice for data management and complies with the Guidelines for Research Data Management at ETH Zurich (RDM Guidelines) and the ETH Zurich Guidelines on scientific integrity (Integrity Guidelines). The actual blank ETH DMP template can be found here.

...

  • Are parts of your data sensitive data? What makes them sensitive?
    Sensitive personal data is information that makes a person identifiable. Sensitive data can also be confidential data such as contractual agreements with external partners. If the project deals with human subjects, ethical approval from the Ethics Committee of the Canton of Zurich (KEK) or the ETH Ethics Commission is needed.

    Info
    titleSupporting resources


  • Have you applied for ethical approval and was it granted?
    If your study requires ethical approval, your DMP must be in line with the conditions under which ethical approval was granted.

  • Did you inform study participants, and did they give their consent to collection, sharing and preservation of their data?

    The consent form is part of the application for the ETH Ethics Commission. Normally, you can briefly outline what is written in the consent form of the approved application. Please keep in mind that sensitive data can only be published in a completely anonymized form.
    Anchor
    footnoteref4
    footnoteref4
    41


  • What methods will you use to ensure the protection of personal or other sensitive data?
    Please describe any necessary protection measure such as the storage location, data encryption, pseudonymization, anonymization
    Anchor
    footnoteref5
    footnoteref5
    5 2 as well as the time of application. Be aware that the identification key of pseudonymized data should be kept in a separate physical storage location. Please also describe what happens with the data after the end of the project: Is part of these data supposed to be archived or does it need to be deleted?
Tip
iconfalse

Anchor
ftnref6
ftnref6

Expand
titleShow Examples (click to expand)


Info
iconfalse
titleExample 1

The project does not involve human or animal subjects. Therefore, no ethical issues are expected to occur during the generation of results from this project. None of the data collected or reused in this project is subject to a confidentiality agreement.


Info
iconfalse
titleExample 2

We will gain formal approval by our ETH ethics committee for all our studies before starting the data collection. All participants will be carefully instructed about the aim and nature of our studies prior to participation. Before the study starts, participants will be asked to provide informed consent, using the forms that have been approved by our ethics committee. Participation is voluntary. Participants will be told explicitly that they have the right to withdraw from our study without explanation and without penalty. 
All data will be collected anonymously.


Info
iconfalse
titleExample 3

The PI and the research team will work in conformity with all applicable rules, guidelines and principles such as the EU directive 2010/63/EU on the protection of animals used for scientific purposes, the Swiss federal law on animal protection (RS 455), the federal ordinance on animal protection (RS 455.1), and the federal ordinance on animal experimentation, production, and housing (RS 455.163). All animal experiments will only be initiated after having received the approval of the Cantonal and Federal authorities.
Details on animal usage:
In performing the experiments, we strive to strictly adhere to the 3Rs principle of Replacement, Refinement, and Reduction.
Training: All researchers and technicians working with the animals receive proper animal welfare training in conformity with DFE Ordinance 455.109.1 on ‘Training in animal husbandry and in the handling of animals’.


Info
iconfalse
titleExample 4 (anonymized data)

All data are anonymized6

Anchor
fntref6
fntref6
3, and as such, we are in line with the Swiss Federal Act on Data Protection as described on the page of the Federal Data Protection and Information Commissioner (FDPIC). The anonymized data will only be published in line with the consent forms signed by participants. Moreover, we will adhere to the recommendations of the selected FAIR repository regarding upload and licensing of the anonymized data.



...

  • How will you regulate data access rights to ensure data security?
    Please define who will have authorized access and if it is traceable. Determine responsibilities for managing access rights.

    Info
    titleSupporting resources


  • How will sensitive data be handled to ensure safe data storage and transfer?
    For any research project that involves secure handling and processing of confidential research data and/or research data related to identifiable persons
    Anchor
    fntref7
    fntref7
    74, ETH Scientific IT Services operate the secure data and IT infrastructure Leonhard Med which is part of the national BioMedIT network. Such confidential and/or person-related research data (as defined in footnote 41) must mostly be classified as strictly confidential and may thus not be stored in cloud services.
    Anchor
    fntref8
    fntref8
    8 5 Conditions under which such confidential and/or person-related research data are published and/or shared are strictly regulated and must be further specified in the DMP Section 4 ‘Data sharing and reuse’ (see below).


...

  • Who will be the owner of the data?
    In principle, the data creator is the owner (i.e., copyright holder) of the data and therefore has the right to allocate a licence to these data. For multi-partner projects a consortium agreement might be worthwhile. Make sure that you keep enough rights when a transfer of rights occurs as for instance during data upload into a commercial data repository. In case you would lose all rights when using such a repository service, look for alternatives. In addition, all the data that have been generated during an employment at ETH Zurich must shall in principle remain at ETH Zurich (see Integrity Guidelines).

  • Which licenses will be applied to the data?
    For research data we recommend the use of Creative Commons (CC) licenses such as CC0 and CC-BY, because they allow easy reuse. However, CC-licences should neither be applied for sensitive data, nor for software and code. Furthermore, all code and software developed at ETH Zurich must be registered at ETH transfer prior to sharing them. Appropriate software licenses apply.

  • Are there any constraints for data sharing and/or reuse of third-party data?
    If you have specific contract agreements on parts of your data with for instance an industrial partner you just need to state that you cannot disclose that data due to this fact. Do not name the partner in case this is already confidential. Please contact ETH transfer, if you are in doubt about contract agreements with research or industrial partners as well as if you are aiming for a patent application.

...

Tip
iconfalse

Anchor
fntref9
fntref9

Expand
titleShow Examples (click to expand)


Info
iconfalse
titleExample 1

All data are stored on the standard departmental ETH server. If the data sets are exceeding a reasonable amount it is switched to NAS also hosted by ETH. Both, standard ETH server and NAS include automatic daily backups9 and

Anchor
fntref9
fntref9
6 and are maintained by ETH Zurich’s IT Services.


Info
iconfalse
titleExample 2 (supplement to Example 1 for GitLab users)

[Example 1 +]All data will also be uploaded to and stored on GitLab for version control [e.g., GitLab repository hosted by ETH Zurich’s IT Services, https://gitlab.ethz.ch]. This holds for both the raw input data that will be processed for analysis and any output data from the analysis.


Info
iconfalse
titleExample 3 (for project with personal, sensitive data)

The data will be stored via using the following resources:

  • For general storage, ETH’s server infrastructure (for aggregated, non-personal and non-sensitive data) and Leonhard Med (for personal, sensitive data) will be used, with standardized, daily backup procedures.
  • A copy of the non-personal and non-sensitive data will also be stored on local hard-drives.
  • For code storage and version control, we will use GitLab. (https://gitlab.ethz.ch/).

Data stored on the ETH server infrastructure and Leonhard Med will be automatically backed-up daily and storage in hard drives will be backed-up weekly. Insertions and changes made in GitLab are tracked and versions are kept automatically. The team will be instructed to follow a checklist for storing and backing up data, standardizing the procedure.



...

Tip
iconfalse

Anchor
fntref10
fntref10

Expand
titleShow Examples (click to expand)


Info
iconfalse
titleExample 1

We will preserve the data for 10 years on ETH’s servers and also deposit it in an appropriate data archive at the end of the project [e.g., disciplinary data repository/archive, ETH Research Collection (with long-term preservation in the ETH Data Archive, or Zenodo, see examples in section 4.1 below)]. Where possible, we will store files in open archival formats, for example, Word files converted to PDF-A or simple text files encoded in UTF-8 and Excel files converted to CSV. In case this is not possible, we will include information on the software used and its version number.


Info
iconfalse
titleExample 2 (some data confidential due to contracts)

This research project is an industrial collaboration. The data are owned by the collaborating company and constitutes a valuable resource in the highly competitive industry in which they operate. For this reason, the original data cannot be preserved in a public data archive. Instead, the original raw input data owned by the industrial partner is preserved by the collaborating company. All aggregated, non-confidential parts of the data will be submitted to the [name of the archive, e.g., disciplinary data repository/archive, ETH Research Collection (with long-term preservation in ETH Data Archive), or Zenodo] to be kept for a minimum of 10 years. Where possible, we will store these files in open archival formats. E.g., Word files will be converted to PDF-A or simple text files encoded in UTF-8 and Excel files will be converted to CSV. In case this is not possible, we will include information on the software used and its version number.


Info
iconfalse
titleExample 3 (for project with personal, sensitive data)

The data will only be stored in an appropriate archive once they are fully anonymized10 and

Anchor
fntref10
fntref10
7 and only in line with the consent forms signed by participants. Moreover, we will adhere to the recommendations of the selected FAIR repository regarding upload and licensing of the anonymized data.



...

  • On which data repository do you plan to share your data?
    It is suggested as good practice to share at least the data underlying a publication ETH Zurich requires sharing of at least research data and programming code that forms the basis of published research output at the time of publication of research results (see comment in section 3.3.2. above RDM Guidelines). Data should be made available in compliance with the FAIR data principles including assignment of a persistent identifier (e.g. DOI) and open access to the data with the exception of sensitive personal and confidential data that cannot be publicly shared. If possible, deposit your data in a well-established, trustworthy, non-commercial repository that implements the FAIR principles. The institutional FAIR data repository of ETH Zurich is the ETH Research Collection. Alternatively, a FAIR data repository can be selected that operates within your field of research. If such a repository exists, it might be more suitable regarding metadata community standards.

    Info
    titleSupporting resources


Tip
iconfalse

Anchor
fntref11
fntref11

Expand
titleShow Examples (click to expand)


Info
iconfalse
titleExample 1

Data collected in this project will be released under a Creative Commons public domain dedication (CC0) [alternative: creative commons CC-BY licence] in the ETH Research Collection [alternatives: appropriate subject specific repository XY; Zenodo; others…] as a FAIR data repository. Data underlying publications will be shared at the point of publication of a journal article or book chapter, while all remaining data will be made available at the end of the project period.


Info
iconfalse
titleExample 2 (some data confidential due to contracts)

This research project is an industrial collaboration. The data are owned by the collaborating company and constitutes a valuable resource in the highly competitive industry in which they operate. For this reason, the original data cannot be made publicly available. As far as contractual obligations with the industry partner permit, metadata-only entries that describe the datasets will be made available in the ETH Research Collection [alternatives: appropriate subject specific repository XY; Zenodo; others…] as a FAIR data repository. In that way, other researchers can find the dataset and get information about it without having direct access to the protected data.


Info
iconfalse
titleExample 3 (data are sensitive, personal data that can be anonymized)

Patients have been informed and provided consent with a signed consent form regarding the publication of their anonymized data in a public repository. The collected patient data will be fully anonymized11 before

Anchor
fntref11
fntref11
8 before publication. The anonymized data will be released under the standard usage licence (rightsstatements.org/page/InC-NC/1.0/) in the ETH Research Collection [alternatives: appropriate subject specific repository XY; Zenodo; others…] as a FAIR data repository. Anonymized data underlying publications will be shared at the point of publication of a journal article or book chapter, while all remaining data will be made available at the end of the project period.


Info
iconfalse
titleExample 4 (data are sensitive, personal data that cannot be fully anonymized)

The collected data contains genetic information that could easily identify individual persons. Therefore, the respective data must be protected and cannot be published in a repository. As far as the metadata do not contain any confidential or personal information, metadata-only entries that describe the datasets will be made available in the ETH Research Collection [alternatives: appropriate subject specific repository XY; Zenodo; others…] as a FAIR data repository. In that way, other researchers can find the dataset and get information about it without having direct access to the personal data.



...

  • Under which conditions will you make the data publicly available?
    Describe your restrictions for data sharing due to ethical or legal constraints, preparation for patent application, security constraints, contractual obligations, intended commercial purposes and copyright issues as outlined in the Guidelines for Research Data Management at ETH Zurich. Be aware that confidential and/or person-related research data (as defined in footnote 4) can only be published in completely anonymised
    Anchor
    fntref12
    fntref12
    12 9 form and in line with consent obtained from study participants. This purpose should already be considered when preparing consent forms for study participants.


Tip
iconfalse


Anchor
fntref13fntref13
Anchor
fntref14fntref14
Expand
title
Expand
titleShow Examples (click to expand)


Info
iconfalse
titleExample 1

The project does not involve usage of any sensitive data. Therefore, no special limitations to data use or reuse are necessary.


Info
iconfalse
titleExample 2 (in case of strictly confidential data or confidential owned by e.g. a company)

The data used in this project will be handled in line with the respective classification level [strictly confidential and/or confidential, see DMP section 2.2.] that has been selected in accordance with the Directive on “Information Security at ETH Zurich”. All data is aggregated, anonymized13 and

Anchor
fntref13
fntref13
10 and processed to be compliant with data privacy laws. As described, the original data will nonetheless not be made available due to strict confidentiality. The data ownership lies with the partner company.


Info
iconfalse
titleExample 3 (in case of personal, sensitive data, i.e. strictly confidential data)

The data used in this project will be handled in line with the respective classification level [strictly confidential and/or confidential, see DMP section 2.2.] that has been selected in accordance with the Directive on “Information Security at ETH Zurich”. All data is aggregated, anonymized14 and

Anchor
fntref14
fntref14
11 and processed to be compliant with data privacy laws. [Data that cannot be fully anonymized cannot be published. Anonymized data can only be published to the extent covered by informed consent.]



...

Footnotes

Anchor
footnote4
footnote4
41“all items which, when combined, would enable the data subject to be identified without disproportionate effort, must be irreversibly masked or deleted” (Human Research Ordinance, Art 25)
Anchor
footnote5
footnote5
5 See footnote 4 2 see footnote 1 [definition of anonymization].
Anchor
ftn6
ftn6
6 See 3 see footnote 41 [definition of anonymization].

Anchor
fnt7
fnt7
 7 4 “A person is identifiable if a third party having access to the data of the person is able to identify such person with reasonable effort. [This can refer to health or biomedical traits,] religious, ideological or trade union related views or activities; […] the intimate sphere or racial origin; social security measures;  administrative or criminal proceedings and sanctions” (From the document Data Protection in Research Projects by ETH Zurich, accessed 15.10.2021).
 8 In

Anchor
fnt8
fnt8
5 in accordance with the Directive on “Information Security at ETH Zurich” (accessed 15.10.2021).

Anchor
fnt9
fnt9
96 If you or the principal investigator of your project are not sure about the conditions at your ETH Zurich department, please check with your departmental IT services at ETH whether daily backups are ensured for your standard department servers. A list of contacts can be found here.


Anchor
fnt10
fnt10
10 See footnote 4 7 see footnote 1 [definition of anonymization].11 See footnote 4

Anchor
fnt11
fnt11
8 see footnote 1 [definition of anonymization].

Anchor
fnt12
fnt12
12 See footnote 4 9see footnote 1 [definition of anonymization].
Anchor
footnote13
footnote13
13
See 10 see footnote 41 [definition of anonymization].
Anchor
footnote14
footnote14
14
See11 see footnote 41 [definition of anonymization].