New Policy Library

1.1 The objectives of this policy are to:

(a) Preserve the value of research data and records for researchers, research students, research participants, the University and wider community by defining expected standards for their management; and

(b) Facilitate effective research practices.

2.1. This policy applies to:

(a) Research data and records generated during research undertaken by University of Melbourne researchers and research students.

(b) Research data and records in any form, including digital formats, paper formats and other physical materials.

2.2. This policy does not apply to:

(a) Research where responsibility for data has been allocated to a third party through a written agreement.

3.1. This policy is made under the University of Melbourne Act 2009 (Vic) and the Vice-Chancellor Regulation and supports compliance with:

(a) Legislation

i. Copyright Act 1968 (Cth)

ii. Privacy Act 1988 (Cth)

iii. Electronic Transactions Act 1999 (Cth)

iv. Defence Trade Controls Act 2012 (Cth)

v. National Health Security Act 2007 (Cth)

vi. Privacy and Data Protection Act 2014 (Vic)

vii. Health Records Act 2001 (Vic)

viii. Public Records Act 1973 (Vic)

(b) Research codes of practice

i. Australian Code for the Responsible Conduct of Research 2018

ii. National Statement on Ethical Conduct in Human Research 2007 – Updated 2018

iii. Code of Ethics for Aboriginal and Torres Strait Islander Research 2020

4.1. Researchers and the University are responsible for ensuring that research data and records are:

(a) Accurate, complete and authentic

(b) Understandable, retrievable and accessible, for as long as is required

(c) Safe and secure

(d) Compliant with ethical and legal obligations

4.2. Failure to comply with this policy may:

(a) Lead to researchers or the University being held legally responsible for breaches of legislation.

(b) Be considered a breach under the Australian Code for the Responsible Conduct of Research and be investigated in line with the Guide to Managing and Investigating Potential Breaches of the Australian Code for the Responsible Conduct of Research.

(c) Be handled in line with the Appropriate Workplace Behaviour Policy (MPF1328) or the Student Conduct Policy (MPF1324).

5.1. Researchers must ensure that ownership of and responsibility for research data and records is identified and documented at the start of a research project and reviewed and updated as appropriate, with consideration given to:

(a)    Authority to decide on storage, retention, disposal, publication or licensing of research data or records;

(b)    Research data ownership as outlined by the Intellectual Property Policy (MPF1320):

(c)     Agreements with funders, data providers, research partners and collaborators;

(d)    Arrangements for researchers changing institutions or withdrawing from collaborative projects; and

(e)    Any Indigenous intellectual and cultural property rights, for research involving Aboriginal and Torres Strait Islander peoples (in line with the Australian Institute of Aboriginal and Torres Strait Islander Studies [AIATSIS] Code of Ethics for Aboriginal and Torres Strait Islander Research and the Aboriginal and Torres Strait Islander Cultural Heritage Policy (MPF1289)).

5.2. Researchers must ensure that the University has a record of ownership and responsibility for any research data and records they have transferred into the University’s control (e.g., for storage on University facilities).

(a)    Where no ownership or responsibility has been recorded, or the recorded responsible party is no longer a University of Melbourne researcher, the relevant Dean or delegate will hold authority to decide on storage, retention, disposal, publication or licensing arrangements in compliance with legal and regulatory obligations.

5.3. Researchers must curate and store accurate, complete and authentic research data and records in formats that are understandable, retrievable and accessible to appropriate parties.

(a) Metadata should be stored with research data and records to support interpretation, authenticity and reproducibility.

(b) Where it is not practical to store physical research data and records, durable records documenting or derived from them should be stored in digital formats.

5.4. The University must provide facilities, advisory services and resources for the safe and secure storage and management of research data and records, to support researchers in complying with their ethical and legal obligations.

5.5. When not using University-provided facilities, researchers must ensure that processes and facilities used for the storage and management of research data and records comply with ethical and legal obligations. Where researchers are unsure of their ethical and legal obligations, they should consult with research data advisory services at the University.

5.6. Researchers must ensure that research data and records are retained and disposed of in line with the Records Management Policy (MPF1106), with minimum retention periods specified in the University Records Retention and Disposal Authority.

5.7. Researchers are encouraged to deposit research data and records into suitable University facilities at the conclusion of a research activity/project, to support the meeting of retention obligations. Where research data and records are already stored on University facilities, researchers must ensure that the research activity’s completion is recorded in University registers/research management systems to allow for appropriate retention and disposal.

5.8. Researchers leaving the University should ensure that a copy of their research data and records has been deposited into University facilities to support research integrity and retention obligations, as consistent with ethical, contractual or legislative requirements.

5.9. Researchers must ensure the safe and secure management of research data and records to comply with ethical and legal obligations over the life of the research data and records, with consideration given to research data and records with sensitivities, including:

(a) Personal information subject to privacy legislation, including information that may be considered personal information when linked with other information;

(b) Sensitive cultural information, e.g., on sacred cultural practices;

(c) Sensitive ecological information, e.g., the location of vulnerable species;

(d) Information subject to export controls, as regulated by the Defence Trade Control Act;

(e) Information on security sensitive biological agents (SSBAs), as regulated by the National Health Security Act; and

(f) Commercial-in-confidence information.

5.10. Researchers should document plans for the safe and secure management of research data and records, and ensure all authorised individuals with access follow documented plans.

5.11. Researchers must ensure that research data and records are transferred and stored with electronic or physical security controls to restrict access to authorised individuals. Controls must be appropriate to the level of sensitivity as defined by the University Research Data Classification Framework.

5.12. The University must ensure that facilities provided for the storage and management of research data and records meet legal and technical requirements in line with University Research Data Classification Framework and the Information Security Policy (MPF1270).

5.13. The University must assess University facilities against the University Research Data Classification Framework, to support researchers in determining which facilities are suitable for research data of different sensitivity levels. When utilising suitable University facilities, the safe and secure management of research data is a joint responsibility between researchers and the University.

5.14. Researchers must manage personal information in line with the Privacy Policy (MPF1104) and ethics processes outlined by the Research Ethics and Biorisk Management Policy (MPF1341).

5.15. When making research data or records available to interested parties, consideration should be given to:

(a) Data ownership, e.g. intellectual property rights, Indigenous intellectual and cultural property rights;

(b) Agreements with funders, research partners, data providers or publishers;

(c) Meeting ethical and legal obligations, e.g., preserving privacy, intended use and consent for use of data at the time of collection; and

(d) Ensuring safety and security, e.g., through agreements with interested parties that define required controls;

5.16. Researchers must make available any research data and records substantiating research findings to enable academic discussion or evaluation of research outputs, unless prevented by ethical or legal obligations. Where research data or records have been requested and access refused, the reasons must be transparent and justifiable.

5.17. For research involving Aboriginal and Torres Strait Islander peoples, researchers must provide access to Indigenous data owners to uphold Indigenous intellectual and cultural property rights, in line with the AIATSIS Code of Ethics for Aboriginal and Torres Strait Islander Research.

5.18. Researchers are encouraged to publish research data and records to disciplinary, institutional or other established repositories to allow reuse by other researchers and maximise the value of research, unless prevented by ethical or legal obligations.

(a) Where ethical or legal limitations apply, researchers should consider if mediated access or sharing of a limited subset is possible.

(b) Researchers should publish research data in formats that meet disciplinary standards, as well as being findable, accessible, interoperable and reusable.

(c) Researchers should consider applying the least restrictive licensing option that is appropriate for governing the future use of their published research data.

5.19. The same procedural principles outlined above for researchers also apply to research students, with the exception that all responsibilities are jointly held by research students and their supervisors:

(a) Supervisors must provide guidance and mentorship to research students on appropriate management of research data and records for their field of research, in line with the Graduate Research Training Policy (MPF1321).

(b) Research students and supervisors must agree on and document arrangements for the management of research data and records at the start of a research project, including plans for how research data and records will be managed following thesis submission. These arrangements should take the form of a Data Management Plan which is reviewed and updated as appropriate.

Accessible means that access to research data and records by interested parties is enabled through defined processes. These processes may include authentication and authorisation steps to restrict or mediate access to appropriate parties.

Authentic means that research data and records are a true and accurate product or reflection of research processes with no attempts to falsify, mislead or obfuscate

Curate means to select, organise and present information in ways that support interpretation. Appropriate curation of research data and records is informed by accepted disciplinary practices and standards and will differ depending on the type of research data and records involved.

Data management plan means a document that outlines how research data and records will be managed through the course of a research project, including details such as project descriptions, software and systems being used, storage locations, security controls and retention arrangements.

Facilities means physical or virtual locations intended for a defined purpose. For the storage and management of research data and records, this may consist of a combination of physical space, equipment, hardware, software and the resources required to support these.

Findable means the research data or records are discoverable to interested and authorised parties for reuse. Characteristics of findable research data or records include assigning metadata that describes the content of the research data or records, attaching a persistent identifier such as a Digital Object Identifier (DOI) and indexing/making the data searchable through disciplinary portals.

Interested parties means any parties who are seeking access to research data this may be for the purposes of academic review, ethical or compliance review, or data reuse for further research.

Interoperable means that the research data or records can be effectively integrated with other data or be utilised by different applications or workflows (such as for analysis, storage or processing). To achieve this, community-agreed, published standards are used within and to describe the research data and records.

Mediated access means access that is determined on a case-by-case basis by an individual responsible for the data, who is able to assess the value and risk associated with data sharing.

Metadata means information that provides contextual details or defining characteristics about data. Meaningful metadata is dependent on the type of research data it is describing, allowing data to be interpreted accurately and appropriately. Metadata may describe, for example, where the data originated, how the data was generated and processed, when the data was collected and by whom.

Ownership means the legal or moral rights that gives individuals, groups or organisations the authority to determine storage, retention, disposal, publication or licensing arrangements.

Personal information means any information regarding an individual whose identity can be ascertained from that information.

Research data means any information, facts or observations that have been collected, recorded or used during the research process for the purpose of substantiating research findings. Research data may exist in digital, analogue or combined forms and such data may be numerical, descriptive or visual, raw or processed, analysed or unanalysed, experimental, observational or machine generated. Examples of research data include: documents, spreadsheets, audio and video recordings, transcripts, databases, images, field notebooks, diaries, process journals, artworks, compositions, laboratory notebooks, algorithms, scripts, survey responses and questionnaires.

Research record means documents containing information of any kind and in any form created or received by an organisation or person for use in the course of their research. Records often validate the provenance, authenticity and ethical collection of research data. Records associated with the research process include correspondence, grant applications, ethics applications, authorship agreements, technical reports, research reports, laboratory notebooks or research journals, master lists, signed consent forms, and information sheets for research participants.

Research student means is any student involved in conducting research under the auspices of the University of Melbourne. This includes graduate researchers and coursework students enrolled at the University of Melbourne, and visiting students enrolled with other institutions.

Researcher means any individual involved in conducting research under the auspices of the University of Melbourne who is not a research student. This includes staff, honorary staff and visiting researchers.

Retention means the long-term storage of research data and records after the completion of a research activity/project, for the purposes of meeting legal obligations or other purposes.

Reusable means being able to be utilised by others for replication of research findings or additional research applications, such as linkage with other data. This can be achieved by having standard data usage licences, provenance information and the use of domain-relevant community standards used throughout the research data and records.

Deputy Vice Chancellor (Research)

Director, Office of Research Ethics and Integrity

This policy is to be reviewed by 31 May 2025.