Research Data Security (MT) New
This course covers basic security for all your research data. In this course, research data means research files, folders, programs, participation sheets, notes, audio recordings, databases, spreadsheets, videos, transcripts, collaborations, datasets, agreements, diagrams, images, etc. that have value to you and your research. It is not just about personal data.
Part 1 introduces students to some of the legal issues around academic research involving personal data.
Parts 2, 3 and 4 cover basic information and cyber security, a quick impact assessment specifically for researchers and then covers the full risk assessment process by walking you through securing your research by conceptualizing and then assessing possible risks, followed by examining different ways to reduce those risks.
This is delivered in a practical and non-technical way although there are some terms to do with risk assessment which may be unfamiliar to you. For this reason there is a glossary available.
- All staff and students
- This course is free to join and is available for all students and staff of the University
Number of sessions: 2
# | Date | Time | Venue | Trainers |
---|---|---|---|---|
1 | Thu 7 Nov 11:00 - 11:30 | 11:00 - 11:30 | CaRM Zoom | Madeleine Taylor, James Knapton |
2 | Tue 26 Nov 11:00 - 12:00 * | 11:00 - 12:00 * | CaRM Zoom | Madeleine Taylor, James Knapton, Kim Clugston |
- UK GDPR terminology, principles, rights and research exemptions
- Where to find guidance from the University on academic research including personal data and its linking with University Research Ethics
- Information Security basics (CIA) and the route to acceptable residual risk
- Assets, Threats, Threat Actors, Controls, Vulnerabilities, Impact, Likelihood and Risk
- The Information Security Risk Assessment (ISRA) and how it compares with the Data Protection Impact Assessment (DPIA)
- Obfuscation
- Storage by Classification and further controls to achieve acceptable residual risk
After taking this course, students will:
- be aware of the basic terminology, principles and rights of the UK GDPR and be able to assess which research exemptions may be relevant to their research and how this affects data subject rights.
- be able to assimilate guidance on UK GDPR in the context of academic research and understand where ethics fits in, within the University of Cambridge.
- be able to appreciate how appropriate security is dependent upon an assessment of risk and relate this through a pathway to focus on residual risk being acceptable
- gain an appreciation of risk to themselves, their team, their tutors and research leads, their department and the university by the exposure of vulnerabilities in controls to certain threats and threat actors
- be able to complete an information security risk assessment and use this, and further references, to evidence good data management practice
This course is taught online with pre-recorded lectures. There will be a short live Zoom session at the start of term which will outline the structure of the module, and two optional Zoom Q&A sessions dotted across the year.
Please note that students should complete the pre-recorded lectures and course material before attending the Q&A session.
There is no textbook and no reading required for this course other than the student notes provided.
Moodle is the 'Virtual Learning Environment' (VLE) that CaRM uses to deliver online courses.
CaRM instructors use Moodle to make teaching resources available before, during, and/or after classes, and to make announcements and answer questions.
For this reason, it is vital that all students enrol onto and explore their course Moodle pages once booking their CaRM modules via the UTBS, and that they do so before their module begins. Moodle pages for modules should go live around a week before the module commences, but some may be made visible to students earlier.
For more information please visit our website
This module runs once in the Michaelmas Term, and once in Lent.
Click the "Booking" panel on the left-hand sidebar (on a phone, this will be via a link called Booking/Availability near the top of the page).
Booking / availability