Whilst planning and conducting collaborative research it is important to know how you will mitigate risks against data loss and protect your research data and participants. Factors that need consideration include:
- Encryption of devices;
- Networks used;
- Password protection;
- Use of and loss of USBs /CDs / DVD or other devices;
- Communication and data sharing channels to be used, their access, security and protection;
- Exposure to attack i.e, software patching, antivirus protection from malware, ransomware, phishing
- Holding sensitive, personal or confidential information without the authority or protection to do so;
- Transferring sensitive, personal or confidential information without the authority or protection to do it.
- Software used, its access and protection;
- Lack of secure back up or replication; and
- Provision of access to data to individuals or partner organisations without validation checks.
You are strongly advised to consult Information Services for specific advice, policies and guidance. Queen’s IS cyber security page can be accessed here.
Staff Working Overseas For staff working overseas, particularly in nations whose values may differ from our own ensure that duty of care of staff/students has been considered. Items to consider during risk assessment include:
- Protocol in place for emergencies
- Regular communication schedule to ensure the opportunity for staff to raise any concerns or issues whilst abroad
- Legal system of the host country including rules and laws that visitor must abide with
- Agreements/arrangements in place with host institution (if applicable)
- Is there any conflict between legal laws and the host institution?
- Is the work subject to UK export control?
- Ensure that all overseas staff are aware of host nation legislation including export control, national security and intellectual property
Countries and Conferences
Items to consider when preparing to travel overseas for conferences:
- Review the host country of the conference – ensure that you are familiar with local customs and laws. Ensure that you are familiar with host country and/or organisation’s view on academic freedom and discussion.
- Carefully review the information that you intend to share at the conference for any national security, confidentiality and/or export control implications. This caution should be extended to information that you will share by casual conversation and/or email/telephone correspondence. Do not be pressed to provide information that you are uncomfortable sharing.
- Ensure that attendance at conference does not give rise to any conflict of interest or breach of own internal University policies/procedures. g. any payments that you may receive for attendance at event.
- In terms of protecting sensitive data whilst travelling in general consider the use of clean and encrypted devices. This is to ensure both data protection and compliance with UK legislation e.g. export control regarding transfer of sensitive technology outside the UK without the appropriate license in place.
- Consult FCO website for detailed information on the host country.
Centre for the Protection of National Infrastructure (CPNI) have created a resource dedicated to countries and conferences which can be located here.
Academics and researchers are strongly encouraged to review the CPNI guidance for further information surrounding trusted research.