As part of securing access/participation having to be very clear about data protection issues. Of course the ‘basics’ of anonymity and confidentiality are stated in all our submissions to the university as well as to local authorities but I wasn’t up to speed on data protection legislation or how this is changing in the context of European frameworks.So have learnt a lot from the data protection officer in one local authority in particular (would like to thank him publically but confidentiality agreements prohibits…) about the Data Protection Act 1998 and Fair Processing which led us to add a Fair Processing Notice on all participant consent forms. Some of the principles and requirements to comply with the Data Protection Act partly map on to the data management requirements now set out by funding bodies but not completely.
I think a challenging principle- particularly in the context of ethnographic research is Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed. At one level this is quite straightforward to sign up to- personal data (names, date of birth..) is not collected and we can keep to that so definitely meet the agreed principles. But the larger issue that such a principle evokes- around what ‘data’ is ‘relevant and not excessive’ – is one that troubles me in lots of ways…lots to mull over in terms of our methodologies…
I have really enjoyed the face to face and phone meetings with the data protection officer- in a complex project like this it’s fantastic to work well with someone- someone who gets the project idea, is supportive in principle and is willing to invest time and effort in helping me (us the team) work through the maze. Many thanks to the officer who cannot be named J
Comments
No comment