End of an era – 2017-2020 RDM Roadmap Review (part 1)

Looking back on three years that went into completing our RDM Roadmap in this period of global pandemic and working from home, feels a bit anti-climactic. Nevertheless, the previous three years have been an outstanding period of development for the University’s Research Data Service, and research culture has changed considerably toward openness, with a clearer focus on research integrity. Synergies between ourselves as service providers and researchers seeking RDM support have never been stronger, laying a foundation for potential partnerships in future.

thumbnail image of poster

FAIR Roadmap Review Poster

A complete review was written for the service steering group in October last year (available on the RDM wiki to University members). This was followed by a poster and lightning talk prepared for the FAIR Symposium in December where the aspects of the Roadmap that contributed to FAIR principles of research data (findable, accessible, interoperable, reusable) were highlighted.

The Roadmap addressed not only FAIR principles but other high level goals such as interoperability, data protection and information security (both related to GDPR), long-term digital preservation, and research integrity and responsibility. The review examined where we had achieved SMART-style objectives and where we fell short, pointing to gaps either in provision or take-up.

Highlights from the Roadmap Review

The 32 high level objectives, each of which could have more than one deliverable, were categorised into five categories. In terms of Unification of the Service there were a number of early wins, including a professionally produced short video introducing the service to new users; a well-designed brochure serving the same purpose; case study interviews with our researchers also in video format – a product of a local Innovation Grant project; and having our service components well represented in the holistic presentation of the Digital Research Services website.

Gaps include the continuing confusion about service components starting with the name ‘Data’___ [Store, Sync, Share, Vault]; the delay of an overarching service level definition covering all components; and the ten-year old Research Data Policy. (The policy is currently being refreshed for consultation – watch this space.)

A number of Data Management Planning goals were in the Roadmap, from increasing uptake, to building capacity for rapid support, to increasing the number of fully costed plans, and ensuring templates in DMPOnline were well tended. This was a mixed success category. Certainly the number of people seeking feedback on plans increased over time and we were able to satisfy all requests and update the University template in DMPOnline. The message on cost recovery in data management plans was amplified by others such as the Research Office and school-based IT support teams, however many research projects are still not passing on RDM costs to the funders as needed.

Not many schools or centres created DMP templates tailored to their own communities yet, with the Roslin Institute being an impressive exception; the large majority of schools still do not mandate a DMP with PhD research proposals, though GeoSciences and the Business School have taken this very seriously. The DMP training our team developed and gave as part of scheduled sessions (now virtually) were well taken up, more by research students than staff. We managed to get software code management into the overall message, as well as the need for data protection impact assessments (DPIAs) for research involving human subjects, though a hurdle is the perceived burden of having to conduct both a DPIA and a DMP for a single research project. A university-wide ethics working group has helped to make linkages to both through approval mechanisms, whilst streamlining approvals with a new tool.

In the category of Working with Active Data, both routine and extraordinary achievements were made, with fewer gaps on stated goals. Infrastructure refreshment has taken place on DataStore, for which cost recovery models have worked well. In some cases institutes have organised hardware purchases through the central service, providing economies of scale. DataSync (OwnCloud) was upgraded. Gitlab was introduced to eventually replace Subversion for code versioning and other aspects of code management. This fit well with Data and Software Carpentry training offered by colleagues within the University to modernise ways of doing coding and cleaning data.

A number of incremental steps toward uptake of electronic notebooks were taken, with RSpace completing its 2-year trial and enterprise subscriptions useful for research groups (not just Labs) being managed by Software Services. Another enterprise tool, protocols.io, was introduced and extended as a trial. EDINA’s Noteable service for Jupyter Notebooks is also showcased.

By far and away the most momentous achievement in this category was bringing into service the University Data Safe Haven to fulfil the innocuous sounding goal of “Provide secure setting for sensitive data and set up controls that meet ISO 27001 compliance and user needs.” An enormous effort from a very small team brought the trusted secure environment for research data to a soft launch at our annual Dealing with Data event in November 2018, with full ISO 27001 standard certification achieved by December 2019. The facility has been approved by a number of external data providers, including NHS bodies. Flexibility has been seen as a primary advantage, with individual builds for each research project, and the ability for projects to define their own ‘gatekeeping’ procedures, depending on their requirements. Achieving complete sustainability on income from research grants however has not proven possible, given the expense and levels of expertise required to run this type of facility. Whether the University is prepared to continue to invest in this facility will likely depend on other options opening up to local researchers such as the new DataLoch, which got its start from government funding in the Edinburgh and South East Scotland region ‘city deal’.

As for gaps in the Working with Data category, there were some expressions of dissatisfaction with pricing models for services offered under cost recovery although our own investigation found them to be competitively priced. We found that researchers working with external partners, especially in countries with different data protection legislation, continue to find it hard work to find easy ways to collaborate with data. Centralised support for databases was never agreed on by the colleges because some already have good local support. Encryption is something that could benefit from a University key management system but researchers are only offered advice and left to their own mechanisms not to lose the keys to their research treasures; the pilot project that colleagues ran in this area was unfortunately not taken forward.

In part 2 of this blog post we will look at the remaining Roadmap categories of Data Stewardship and Research Data Support.

Robin Rice
Data Librarian and Head of Research Data Support
Library and University Collections

A visit from the data jungle: My internship in research data management

This is a guest post from Dr. Tamar Israeli, who completed a work/study internship with the Research Data Support team last Autumn. A link to her report is available below.

Recently, there has been a rumor in Israel that research data should be managed. As a librarian and information specialist working in an academic institution, I decided to check if this was true.

When looking for a place for an internship on the role of the library in research data management (RDM), I was happy to find out that the University of Edinburgh RDM support team has a good reputation. I remember enjoying very much my visit to Edinburgh 30 years ago so I was very happy to get Robin Rice & Martin Donnelly’s kind invitation so I could boldly go where… I had already been before.

During September 2019, I worked with the RDM support team, attended some of the staff meetings and participated in one of the RDM trainings.  As part of my internship we carried out a small scale study. The purpose of the study was mainly to understand what are the barriers that prevent researchers from using tools and services provided to them by the university when collaborating with data.

For that purpose, I interviewed six researchers from different schools and disciplines. The researchers were open and cooperative and the interviews were very interesting and insightful. If you’d like to learn about the way researchers collaborate and what influences their decision to use a particular tool or service, here is a link to our report: http://dx.doi.org/10.7488/era/2

Many thanks to the support team for their invitation and warm hospitality. It was one of the most pleasant months of my life.

Tamar Israeli
Librarian and information specialist
Western Galilee College

Research Data Service achieves ISO 27001 accreditation for Data Safe Haven facility

Following a five day on-site audit by Lloyd’s Register, the Information Security Management System (ISMS) which forms the basis for the Data Safe Haven facility for University of Edinburgh researchers has been officially certified to the ISO/IEC 27001:2013 standard. In a few weeks we will receive a certificate from UKAS (United Kingdom Accreditation Service).

The Data Safe Haven (DSH) team, comprised of members of Research Data Support in L&UC and Research Services in ITI, and with input from the Information Security team and external consultants, has been working toward certification since 2016. The system, designed by ITI’s Stephen Giles, has been extensively and successfully ‘white box penetration tested’ by external experts, one of the many forms of proof provided to the auditor. (White box means the testers were given access to certain layers of the system, as opposed to a black box test where they are not.)

The steel cage surrounding Data Safe Haven equipment in one of the University data centres.

In addition to infrastructure, a proper ISMS is made up of people who perform roles and manage procedures, based on organisational policies. The Research Data Support team work with research project staff to ensure their practices comply with our standard operating procedures. The ISMS is made up of all the controls needed to ensure that it is sensibly protecting the confidentiality, availability, and integrity of assets from threats and vulnerabilities. Over 150 managed and versioned documents covering every aspect of the ISMS were written, discussed, practiced, reviewed and signed off before being examined and questioned by the auditor.

The auditor stated in the final report, “The objectives of the assessment were achieved and with consideration to any noted issues or raised findings, the sampled areas of the management system demonstrated a good level of conformance and effectiveness. The management system remains supportive of the organisation and its business and service management objectives.” On a slightly more upbeat note, Gavin Mclachlan, Vice-Principal and Chief Information Officer, and Librarian to the University said by email, “Congratulations to you and the whole team on the ISO 27001 certification. That is a great achievement.”

The Digital Research Services programme has invested in the Data Safe Haven to allow University researchers to conduct cutting edge research, access sensitive data from external providers and facilitate new research partnerships and innovation. Researchers are expected to include Data Safe Haven costs in funded grant proposals to achieve some cost recovery for the University. To find out if your project is a candidate for use of the Data Safe Haven contact data-support@ed.ac.uk or the IS Helpline.

Robin Rice
Data Librarian and Head, Research Data Support

Collaborating on data in a modern way

Between mid-September and mid-October, the Research Data Support team hosted an international visitor. Dr Tamar Israeli, a librarian from Western Galilee College in Israel, spent four weeks in Edinburgh to increase her experience and understanding around research data management. As part of this visit, Tamar conducted a study into our researchers’ collaborative requirements, and how well our existing tools and services meet their needs. Tamar’s PhD thesis was on the topic of file sharing, and she has recently published another study on information loss in Behaviour & Information Technology: “Losing information is like losing an arm: employee reactions to data loss” (2019). Tamar is also a representative of the Israeli colleges on the University Libraries’ Research Support Committee.

Tamar carried out a small-scale study in order to gain a better understanding of the tools that researchers use to collaborate around data, and to explore the barriers and difficulties that prevent researchers from using institutional tools and services. Six semi-structured interviews were conducted with researchers from the University of Edinburgh, representing different schools, and all of whom collaborate with other researchers on a regular basis on either small- or large-scale projects. She found that participants use many different tools, both institutional and commercial, to collaborate, share, analyse and transfer documents and data files. Decisions about which tools to use are based on data types, data size, usability, network effect and whether their collaborators are in the same institution and country. Researchers tend to use institutional tools only if they are very simple and user friendly, if there is a special requirement for this from funders or principal investigators (PIs), or if it is directly beneficial for them from a data analysis perspective; sharing beyond the immediate collaboration is only a secondary concern. Researchers are generally well aware of the need to keep their data where it will be safe and backed-up, and are not concerned about the risk of data loss. A major issue was the need for tools that answer projects’ particular needs, therefore customisability and scope for interlinking with other systems is very important.

We’d like to thank Tamar for the great work she did, and for the beautiful olive oil and pistachios that she brought with her! Tamar’s findings will key into our ongoing plans for the next phase of the Research Data Service’s continual development, helping us assist researchers to share and work on their data collaboratively, within and beyond the University’s walls.

Martin Donnelly
Research Data Support Manager
Library and University Collections