New research data management tool on one-year trial: protocols.io

Information Services aims to offer a research data service that meets most of the data lifecycle needs of the majority of UoE researchers without interfering with their freedom to choose tools and technologies which suit their work. In some cases cloud tools that are free to individual users are offered commercially as enterprise versions, allowing groups of researchers (such as lab groups) to work together efficiently.

The service’s steering group has agreed a set of criteria to apply when a tool is put forward by a research group for adoption. The criteria were developed after our two-year trial of the electronic lab notebook software, RSpace, and have been most recently applied to protocols.io. The protocols.io trial begins this month and will run for one year. An evaluation will determine whether to continue the enterprise subscription and how to fund it.

protocols.io is an online platform for the creation, management, and sharing of research protocols or methods. Users can create new protocols within the system, or upload existing methods and digitise them. Those with access to a protocol can then update, annotate, or fork it so that it can be continually improved and developed. There is interoperability with Github and RSpace, and long-term preservation of protocols through CLOCKSS.

Users can publish their protocol(s) making them freely available for others to use and cite or, with the enterprise version, keep them private. The tool supports the Open Science / Open Research agenda by helping to ensure that methods used to produce data and publications are made available, assisting with reproducibility.

Subscribing to the University plan will allow research groups to organize their methods and ensures that knowledge is not lost as trainees graduate and postdoctoral students move on. There are currently over 70 University of Edinburgh researchers registered to use protocols.io. You may follow these instructions to move your current protocols.io account to the premium university version. For more information contact data-support@ed.ac.uk.

Kerry Miller and Robin Rice
Research Data Support team

Share

Research Data Service achieves ISO 27001 accreditation for Data Safe Haven facility

Following a five day on-site audit by Lloyd’s Register, the Information Security Management System (ISMS) which forms the basis for the Data Safe Haven facility for University of Edinburgh researchers has been officially certified to the ISO/IEC 27001:2013 standard. In a few weeks we will receive a certificate from UKAS (United Kingdom Accreditation Service).

The Data Safe Haven (DSH) team, comprised of members of Research Data Support in L&UC and Research Services in ITI, and with input from the Information Security team and external consultants, has been working toward certification since 2016. The system, designed by ITI’s Stephen Giles, has been extensively and successfully ‘white box penetration tested’ by external experts, one of the many forms of proof provided to the auditor. (White box means the testers were given access to certain layers of the system, as opposed to a black box test where they are not.)

The steel cage surrounding Data Safe Haven equipment in one of the University data centres.

In addition to infrastructure, a proper ISMS is made up of people who perform roles and manage procedures, based on organisational policies. The Research Data Support team work with research project staff to ensure their practices comply with our standard operating procedures. The ISMS is made up of all the controls needed to ensure that it is sensibly protecting the confidentiality, availability, and integrity of assets from threats and vulnerabilities. Over 150 managed and versioned documents covering every aspect of the ISMS were written, discussed, practiced, reviewed and signed off before being examined and questioned by the auditor.

The auditor stated in the final report, “The objectives of the assessment were achieved and with consideration to any noted issues or raised findings, the sampled areas of the management system demonstrated a good level of conformance and effectiveness. The management system remains supportive of the organisation and its business and service management objectives.” On a slightly more upbeat note, Gavin Mclachlan, Vice-Principal and Chief Information Officer, and Librarian to the University said by email, “Congratulations to you and the whole team on the ISO 27001 certification. That is a great achievement.”

The Digital Research Services programme has invested in the Data Safe Haven to allow University researchers to conduct cutting edge research, access sensitive data from external providers and facilitate new research partnerships and innovation. Researchers are expected to include Data Safe Haven costs in funded grant proposals to achieve some cost recovery for the University. To find out if your project is a candidate for use of the Data Safe Haven contact data-support@ed.ac.uk or the IS Helpline.

Robin Rice
Data Librarian and Head, Research Data Support
L&UC

Share

Research Data Workshops: DataVault Summary

Having soft-launched the DataVault facility in early 2019, the Research Data Support team -with the support of the project board – held five workshops in different colleges and locations to find out what the user community thought about it. This post summarises what we learned from participants, who were made up roughly equally of researchers (mainly staff) and support professionals (mainly computing officers based in the Schools and Colleges).

Each workshop began with presentations and a demonstration by Research Data Service staff, explaining the rationale of the DataVault, what it should and should not be used for, how it works, how the University will handle long-term management of data assets deposited in the DataVault, and practicalities such as how to recover costs through grant proposals or get assistance to deposit.

After a networking lunch we held discussion groups, covering topics such as prioritisation of features and functionality, roles such as the university as data asset owner, and the nature of the costs (price).

The team was relieved to learn that the majority (albeit from a somewhat self-selecting sample) agreed that the service fulfilled a real need; some data does need to be kept securely for a named period to comply with research funders’ rules, and participants welcomed a centralised platform to do this. The levels of usability and functionality we have managed to reach so far were met with somewhat less approval: clearly the development team has more work to do, and we are glad to have won further funding from the Digital Research Services programme in 2019-2020 in order to do it.

Attitudes toward university ownership of data assets was also a mixed bag; some were sceptical and wondered if researchers would participate in such a scheme, but others found it a realistic option for dealing with staff turnover and the inevitability of data outlasting data owners. Attitudes toward cost were largely accepting (the DataVault provides a cheaper alternative than our baseline DataStore disk storage), but concerns about the safekeeping of legacy and unfunded research data were raised at each workshop.

A sample of points raised follows:

  • Utility? “Everyone I know has everything on OneDrive.”
  • Regarding prioritisation of features – security first; file integrity first; putting data from other sources than DataStore; facilitating larger deposit sizes; ease of use.
  • Quickness of deposit and retrieval? Deposit was deemed more important to be quick than retrieval.
  • University as data asset owner?
    • Under GDPR the data are already university assets (because the Uni is the data controller).
    • People who manage the data should be close to the research; IT people can manage users but shouldn’t be making decisions about data. Danger that because it’s related to IT it gets dumped on IT officers. The formal review process helps to ensure decisions will be made properly. Include flexibility into the review hierarchy to allow for variation in school infrastructure.
    • When I heard that I was – not shocked – but concerned. If I move to another university how do I get access? This might be a problem. Researchers might prefer to retain three copies themselves.
  • Is the cost recovery mechanism valid?
    • Vault costs are legitimate costs.
    • Ideally should come from grant overheads, until then need to charge.
    • Possible to charge for small / medium/large project at start rather than per TB?
  • Is the 100 GB threshold sufficient for unfunded research? How else could unfunded or legacy data be covered (who pays)?
    • Alumni sponsor a dataset scheme?
    • There will be people with a ‘whole bunch of data somewhere’ that would be more appropriately stored in DataVault.

The team is grateful to all of the workshop participants for their time and thoughts; the report will be considered further by the project board and the Research Data Service Steering Group members. The full set of workshop notes are colour-coded to show comments from different venues and are available to read on the RDM wiki, for anyone with a University log-in (EASE).


Robin Rice
Data Librarian and Head, Research Data Support
Library & University Collections

Share

DwD2018 – Videos now on Media Hopper

Dealing with Data 2018 was once again a great success in November last year with over 100 university staff and Post-Graduate students joining us to hear presentations on topics as diverse as sharing data in clinical trials and embedding sound files in linguistics research papers.

As promised the videos of each presentation have now been made publicly available on Media Hopper (https://media.ed.ac.uk/channel/Dealing%2BWith%2BData%2BConference/82256222), while the PDFs can be found on https://www.era.lib.ed.ac.uk/handle/1842/25859. You can also read Martin Donnelly’s reflections on the day http://datablog.is.ed.ac.uk/2018/11/28/dealing-with-data-2018-summary-reflections/.

We hope that these will prove both useful and interesting to all of our colleagues who were unable to attend.

We look forward to seeing you at Dealing with Data 2019.

Share