4.4.6 Data management plan and processing of research data

Before you can start collecting data, you need to have a very well-thought-out research plan for your thesis and, in many cases, a well-developed knowledge base. The thesis plan is supplemented by a data management plan.

If you have applied for a research permit, you will not able to start collecting the data until it has been granted to you.

So do this in the following order:

  1. Thesis plan, attached by a data management plan. If the thesis is a literature review, there is no need to prepare a data management plan.
  2. Possible research permit, attached by a data management plan and a possible research plan.
  3. Data collection can begin.
  4. Appropriate storage of the data during the thesis process.
  5. Archiving, opening or disposing of the data once the thesis has been completed.

The data management plan is part of the thesis plan

The data management plan describes what different kind of data you collect, how you store and distribute the data, what legislative (e.g. data protection) or contractual issues are related to the data, and what is done to it when the thesis is completed. The purpose of the data management plan is to ensure that good scientific practice is followed in the thesis. It is also intended to ensure that research data is never compromised.

The aforementioned issues must always be resolved as part of the research work. The data management plan and its instructions help with this. The data management plan complements the thesis plan, so avoid unnecessary overlap.

Attach the data management plan to your thesis plan. You will also need a data management plan if you are applying for a research permit or a preliminary ethical review. If the thesis is a literature review, there is no need to prepare a data management plan.

Creating data management plan

Create a data management plan according to your choice using either the Word template at the bottom of this page or with the DPM Tuuli data management planning tool. They both also contain instructions on how to prepare the plan and what is described in it. You can find the link to DMP Tuuli at the end of the page.

The DMP Tuuli planning tool is used with Haka login. The first time, the ID must be registered, and Jamk University of Applied Sciences must be selected as the organization. In the future, the user can log in directly through Haka under Sign in with your institutional credentials. This is how you find the Jamk’s template: select Create a new plan, write Jamk University of Applied Sciences as a research organization, check the box No funder associated, and finally select the template of Jamk. The plan created in the program can be shared in different file formats and shared with other users, for example to the thesis tutor or another thesis author.

Indicators and research data

At this stage, you will compile an indicator suitable for collecting data, i.e. a tool by which you can collect data for your thesis. The results of your work are based on your analysis of the data. You are also expected to be able to describe the implementation stage of your research, so you should keep notes of everything.

Research data can be in the form of text, image, video or sound:

  • Primary data includes data acquired through surveys, interviews, workshops or measurement and observation, for example.
  • Secondary data includes pre-existing data, such as biographies, diaries, official statistics, registries, databases, archives, data produces by the commissioner, etc. If you use secondary data, be sure to also take any applicable copyrights into account.

Storage, archiving and destroying of data

Storage and transmission of data during the thesis project

Plan where you will store your thesis data, how you will manage its user rights, and what you will do with the data once the thesis has been completed. Store the data carefully and securely, taking into account any agreements made with the commissioner. The methods and access rights used may vary depending on the type of study and the stage of the thesis.

The selected solutions are described and justified in the data management plan. This list will help you choose your solutions.

At Jamk, you can use a personal home directory (H drive) for your data. The network drive is suitable for storing confidential and sensitive data. The H drives are located on Jamk’s own servers and backed up daily. Jamk’s workstations are encrypted, which makes it virtually impossible to restore files. The H drive can also be accessed through remote.jamk.fi.

Log in to the services using specifically the Jamk account (see Links below). This gives you more storage space and functionality, and Jamk’s data is contractually protected. The partnership agreement between various universities allows for higher quality and, above all, more secure storage space for files in the cloud compared to private user accounts. However, the services are not suitable for confidential, sensitive information, but you can store personal data there. The mobile user should take care of the security of their phone.

  • In OneDrive, files can be accessed from different devices anytime, anywhere. Files can be edited simultaneously. OneDrive is personal and will be removed if the user leaves Jamk. That is also when the data will also be removed from the service!
  • Teams is the most versatile service for working together. In addition to workers and students, people outside Jamk can also be involved. Teams will remain at the disposal of the organisation if they leave Jamk. In such case, a new administrator must be assigned to the team (either the outgoing administrator configures or this is requested from the Jamk HelpDesk).
  • OneDrive and Teams are backed up. Only files are backed up from Teams, not conversations.

FileSender is a file transfer service that you can use with Jamk’s user ID through HAKA login (see Links below). The service is suitable for sending large files securely instead of as an email attachment (up to 50 GB). You can specify how long you share the file and when the file transfer expires and can no longer be downloaded. All transactions will be notified to the distributor. The service is provided by CSC and the servers are located in Finland. The service is not suitable for the transmission of sensitive information.

Jamk uses the Webropol survey system for personnel and students (see Links below). You can assign access to your survey to Jamk students or personnel. The programme ensures that personal data related to surveys is retained within the EU. The programme complies with high security standards and all its servers are located in Finland. If you use Webropol to create a survey related to the study, you must take into account the requirements for the processing and storage of personal data in the survey system. The same principles apply to other survey systems. The system is not a permanent storage location for the data.

Jamk offers students various ICT systems and software as well as home use licences (see Links below).

On a case-by-case basis, consider whether the chosen method is suitable and reliable for storing the data and discuss the solution with your thesis supervisor or commissioner. The storage solutions provided by the commissioner must also ensure that the data security and data protection for the processing of the data are taken into account. Memory sticks and external hard drives are not considered a secure way of storing or transmitting data. The computer desktop is not a secure storage method.

Destroying or archiving of data after the completion of the thesis

Jamk is not responsible for storing the data of the theses. As a rule, the data of a thesis does not need to be saved permanently.

Please remember to inform the research subjects about the archiving, re-opening or disposal of the data and to agree on this with the potential commissioner.

Destroying of data

The data to be destroyed will be deleted so that the data cannot be restored. Certain data, e.g. memory sticks, are discarded by crushing, or in case of paper data, by shredding.

Archiving data

  • Archiving the data for yourself: If you justifiably store the thesis data after the thesis has been completed, it must be stored securely and in such a way that the data can be used later. Information that enables identification must be permanently removed from the data (anonymisation).
  • Agreed with the commissioner: Agree with the commissioner on a secure method of storing the data that is kept unchanged if there is a justified reason for this, for example, due to further use. Information that enables identification must be permanently removed from the data (anonymisation). If the commissioner is a university of applied sciences or other Finnish research organisation, the data storage services available to them may be used for storage. Check with your commissioner about the options offered by the organisation.
  • Archiving to a data archive and opening of the data and its descriptive data: High-quality data can be stored in a data archive, from where others can download it for further use openly/in a limited manner. The data must be anonymous. The data is stored in a reliable location and its descriptive information (metadata) and access rights (open/restricted) are published. After that, the data, metadata and its authors can be found through search services (Research.fi). You can offer the data to the Finnish Social Science Data Archive (FSD) or you can save and describe it yourself through various services (IDA, Zenodo). The options and prerequisites for archiving and opening should be examined in advance, for example through the organisation’s support services. Support services for Jamk students and personnel are available at att(a)jamk.fi.

Remember that the respondents must always be informed of how the data is stored when the data is collected.

If you want to make the data or other outputs, outcomes or results related to the thesis reusable, see the licence instructions below (University of Helsinki). Also keep in mind copyright issues.

Storing and disposing your research data after graduation (Master students)

Note! Master’s thesis data must always be stored for two years after the completion of the thesis. This enables the data to be checked if necessary. After two years the data can be destroyed, if the data otherwise no longer needs to be stored. If there is still a need to store the data after that, anonymization is done at this stage.

Master students need to store the data used in their master’s theses for two years after graduation. After the graduation, however, services provided by Jamk are not anymore available. Research data of the master’s thesis which does not contain personal or otherwise sensitive data can be stored to private computers and backed up by using cloud storage services with private account. If your data does contain personal or otherwise sensitive data, follow these instructions:

  • You can store the data on your private computer locked with a password. In addition to the password to your computer you can add separate password to individual files. Do this. If you change your computer, you need to permanently delete the sensitive data from your old computer by using a dedicated programme, such as Eraser (see Links).
  • You will also need a backup version of your data. You can use cloud storage services with private account only if you encrypt the files before uploading them to cloud. For encryption you need to use a dedicated programme, such as Cryptomator (see Links). It is essential that the password to the encrypted files is strong and that you do not lose it. If the password gets lost, no one, even the user or the programme administrator, cannot restore them.

Encryption of the files is essential due to the policy of cloud storage services. Regular user is not able to decide where the files are stored. When using for instance Google Drive or Microsoft OneDrive with private account, it is likely that the data is transferred to servers located outside the European Economic Area (EEA), and if the data contains personal data, this transfer would need separate basis as well as informed consent of the research subjects (Data Protection Ombudsman, see Links). Encryption is a necessary and sufficient measure, so that the data containing sensitive information remains concealed even if the data itself would move to servers outside EEA.

Template for data management plan

Data management plan template for thesis (DOCX)