Working with sensitive data

Protecting your Data (intranet login to access) provides useful guidance on handling and storing work-related information as does the University’s IT Security & Use Policy. Our Store files page (intranet login to access) also has advice on classifying information and what areas of storage are suitable.

Encrypting sensitive data

Encryption is the process of transforming data so that only those with the correct decryption key or password are able to read them. The strength of encryption refers to how difficult it would be for an attacker to decrypt the data without knowing the key in advance, and this depends on both the method and the key used.

The tool you use for encryption should inform you of the method it will use and may give you a choice. The Information Commissioner's Office currently recommends using the AES-128 or AES-256 encryption methods, of which the latter is stronger.

Whenever setting the key to be used by an encryption method, be sure to use a strong password.

Information about encryption options can be found within the protecting your data section (intranet login to access) under my IT. For further information see Encryption – Information Commissioner's Office.

Storing sensitive data

Using external storage providers

While external services such as Dropbox are convenient, they do not comply fully with the University's data policies due to the following issues:

  • data may be stored in jurisdictions which do not provide the same level of privacy and data protection as the European Economic Area;
  • they do not interact well with existing University storage services;
  • they do not provide sufficient guarantee of continued availability;
  • extra precautions must be taken in order to ensure more than one person at the University has access to the data, in case of researchers leaving the University.

Such solutions should therefore be avoided for sensitive data. If you are considering using external storage providers nevertheless, perhaps because of conditions imposed by external collaborators, only consider those which will allow you to take the following security measures:

Securing computer equipment

Even if the data are stored securely, there is a risk that unauthorised persons might access the data using the credentials and equipment of authorised users. There are steps that can be taken to mitigate this risk:

  • Encrypt the hard drives of any laptops or other portable equipment used for accessing the data.
  • Ensure that desktop computers are locked with a password when left unattended.
  • Take reasonable precautions when entering passwords that others do not observe what is entered.

More information

Transferring sensitive data

Transmission over standard HTTP or email is not secure, and may be intercepted and read by third parties. Extra precautions need to be taken when transferring sensitive data between collaborators:

  • Email can be made more secure by putting the sensitive data in an encrypted attachment. The encryption password should be transferred by other means.
  • Alternatively, the entire content of email can be made secure by encrypting it with a system such as PGP.
  • Data can also be transferred on removable media, such as an external hard drive, by a secure courier. The courier to be used should be agreed on and trusted by both parties. The data should be encrypted on the drive and the password sent separately. See Protecting your Data (intranet login to access) for further information.
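The encrypted-attachment step above, combined with the AES-256 recommendation from the encryption section, as an added example that is not part of the University's guidance: it assumes the openssl command-line tool is installed, uses a constructed sample file and passphrase, and keeps the passphrase in a file so that it is sent to the recipient by a separate channel rather than typed on the command line.

```shell
#!/bin/sh
# Added example, not from the original page. Assumes the openssl CLI is
# installed. Prepares a file as an AES-256 encrypted email attachment; the
# passphrase is never placed in the same email as the attachment.
set -eu

WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT

# Constructed sample data: a small sensitive CSV and a strong passphrase.
printf 'participant_id,response\n1017,yes\n1018,no\n' > "$WORK/survey.csv"
printf 'correct-horse-battery-staple-2024' > "$WORK/passphrase.txt"
chmod 600 "$WORK/passphrase.txt"

# Encrypt with AES-256 in CBC mode. -pbkdf2 with a high iteration count
# derives the key from the passphrase slowly, -salt defeats precomputed
# tables, and "-pass file:" keeps the passphrase out of the process list.
encrypt_attachment() {   # encrypt_attachment <plain> <enc> <passfile>
  openssl enc -aes-256-cbc -salt -pbkdf2 -iter 200000 \
    -in "$1" -out "$2" -pass "file:$3"
}

# The recipient reverses the step with the separately received passphrase.
decrypt_attachment() {   # decrypt_attachment <enc> <plain> <passfile>
  openssl enc -d -aes-256-cbc -pbkdf2 -iter 200000 \
    -in "$1" -out "$2" -pass "file:$3"
}

# Sanity check before sending: the decrypted copy must match the original
# and the attachment must not leak the plaintext. Returns 0 on success.
roundtrip_ok() {
  encrypt_attachment "$WORK/survey.csv" "$WORK/survey.csv.enc" "$WORK/passphrase.txt"
  decrypt_attachment "$WORK/survey.csv.enc" "$WORK/decrypted.csv" "$WORK/passphrase.txt"
  cmp -s "$WORK/survey.csv" "$WORK/decrypted.csv" &&
    ! grep -q 'participant_id' "$WORK/survey.csv.enc"
}

# openssl marks salted output with an 8-byte "Salted__" header; its presence
# confirms the salt was applied.
salt_header() {
  head -c 8 "$WORK/survey.csv.enc"
}

if roundtrip_ok; then
  echo "attachment ready: $WORK/survey.csv.enc (send passphrase separately)"
fi
```

Only the .enc file goes in the email; the passphrase file is read aloud over the phone or handed over in person.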

Disposing of sensitive data

You should ensure that you dispose of sensitive data securely. For example, if you have collected personal data, you should ensure that your methods of disposal provide adequate protection for the identity of participants.

Furthermore, you might be required to demonstrate that you have complied with any requirements to destroy third-party data in accordance with their terms of use.

Digital data

See Protecting your Data (intranet login to access) and Data disposal – UK Data Archive for further information.

Non-digital data

Paper-based sensitive data can be disposed of using the labelled bins found in all office areas.

See also the University of Westminster Records Management Policy.

Example case

A researcher in the Westminster Business School needed to write a data management plan for a research project. The project involved the analysis of highly sensitive commercial data from a consortium of industrial collaborators, which would be transmitted to the University by encrypted email in the first instance.

The plan identified nine types of data that would be collected by the project, and specified which of these would contain confidential data. It further specified different handling protocols for each type according to the anticipated level of confidentiality. For example, for the most confidential data, the researcher decided to use a dedicated computer with full-disk encryption, backed up to an encrypted directory on the University P Drive.

In addition, the plan set out the process that would need to be followed if access were requested to the confidential data, a process that respected the non-disclosure agreements reached with the collaborators. It also set out when and how the confidential data would undergo secure disposal.