Safe Data Transportation and Transfer
It is important to protect your data during the entire data life cycle. To find out whether your data are secure during all stages of your research, think about your data flow: where do your data originate and where do they go to? If data need to be transported from one physical place to the other, or need to be transferred from one device to another, these actions should happen in a secure way.
Transferring digital data
Online connection on campus
If data collection takes place through a certain measurement device (e.g. MRI scanner, EEG scanner, eye tracker), the data need to be transferred from the measurement device to the storage location that you will use during your research project. Make sure that this transfer takes place in a secure way and also make a plan for the data on the measurement device; find out whether they need to be destroyed or can remain there.
Online connection outside campus (with and without VUnetID)
If you are doing fieldwork outside the campus and you have reliable and secure internet access, it is a good idea to upload the data to a storage location that is regularly backed up and secure, in order to prevent data loss. If you have a VUnetID, you can for example use:
- Research Drive to securely and easily store and share research data.
- SURFfilesender to send you data to a colleague or consortium partner, who can store your data in an appropriate place
You can find more information about each of these storage options in the Data Storage topic.
If you need to receive data from colleagues in your project who don’t have access to these tools (e.g. because they are students, don’t work for a Dutch educational institution, or have no VUnetID), Research Drive, Yoda, SURFfilesender and secure emailing with Zivver can also be used:
- Research Drive: This cloud storage service provided by SURF enables researchers from VU and external researchers to manage files and folders in a shared storage location.
- SURFfilesender: as a SURFfilesender user, you can send a voucher to someone who doesn’t have access to this tool. This person can use this voucher to send documents to you. These files can be encrypted.
- Yoda: This cloud storage service provided by SURF enables researchers from VU and external researchers to manage files and folders in a shared storage location.
- 🔒 Zivver is an email plugin with which you can encrypt emails and attachments.
Offline data outside campus
If you are doing fieldwork in an area with limited internet access, you might use a portable device to initially store your data during the phase of data collection, such as a USB drive or an external hard drive. These data can be transferred to a storage location that is connected to the internet (e.g. Research Drive, Yoda) later. Please make sure that the data on such portable devices are secured, by using encryption (and by transporting them safely by using a lockable briefcase or backpack).
Transporting physical data
If physical objects need to be transported, you should check with the data manager at your department (if available) what options are available. Special briefcases that can be locked or secure backpacks may need to be used to keep informed consent forms or other sensitive data objects (USB drives etc.) secure during transport. A checklist may help to ensure all objects will be taken along.
Data transportation and transfer across borders
Some countries have rules to control the movement of encryption technology that enter or exit their borders. If you need to travel with an encrypted laptop to secure your data, for example during fieldwork abroad, please keep this in mind. If you need to transfer data in and out of such countries, please get advice on encryption and secure transportation at the IT Service Desk.
Support
If you have general questions about how to protect your data when transporting or transferring them, you can contact the IT Service Desk. In case of complex situations for which you need tailored support, you can consult the IT Relationship Manager representing the research domain, who can request capacity at IT for setting up an information security plan. Such a plan is usually based on documents which need to be completed beforehand, like a Data Protection Impact Assessment and a Data Classification.