Share your data with colleagues

In a collaborative research project it is possible that a number of individuals may require access to the data, possibly with different privileges to read, write, update or delete.

How to collaborate on research data?

Is your data fit for sharing?

How and with whom you can share your data depends on the nature of your data. Does it include personal data, is it confidential or in any way restricted?

The University has developed a Policy on Categorising and Protecting University Information Assets (Word) that grades data and advises on storage and transfer of information. We recommend that you familiarise yourself with the Policy, especially the four grades of the Grade Hierarchy:

  1. Ordinary
  2. Confidential
  3. Restricted
  4. Personal Data

How can I share folders with research data?

If you want to share folders with research data with other Lancaster colleagues you need to request Research data storage. Find more about this in our storage guide. You can request that the storage folder can be shared with Lancaster colleagues. 

If you need to share data with colleagues outside Lancaster we recommend using Box. Please also check our summary below to see which method of data transfer is adequate.

What is Box?

Box is Lancaster University’s solution for secure online storage. Box is an enterprise cloud storage solution that is available to all members of Lancaster University. Box uses high-grade encryption to secure data, both in transit and at rest. Box is certified by a number of external bodies as demonstrating secure practices and technologies and technologies and adheres to the adequate protection requirements of the EU Data Protection Directive.

Please note that the maximum size of a single file is 5GB. The total storage size is 1TB per user.

Can I use Box to store and share my working data?

 Using Box is the preferred way to share data with colleagues in and outside of the University is. There are a number of ways that data can be shared with external parties using Box, and it is the data owner’s responsibility to ensure that this is done correctly and in accordance with the data type.

 Box offers users the ability to share data with external users through unique links. These can (and should) be set to require a strong password (that should be communicated using an alternative method to how the link is sent, such as phone or text). Users can also specify how long the link is active for and whether the data can be download or simply viewed. The user access of the document uses high-grade transport encryption.

 More information about how to use Box can be found on Lancaster Answers.

 

Summary: What can I use for secure information transfer?

There are a number of methods available for you to use - the choice of the transfer method would depend on the information classification (doc) and circumstances, such as whether is it paper based information, whether you want to transfer information between departments on campus (internally), or whether your department has any extra rules/regulations that you need to consider.

The table below (adapted from Lancaster Answers) summarises some possible transfer methods, depending on information classification:

Information ClassificationSending externallySending internally
Ordinary
  • Box or OneDrive for Business.
  • ZendTo.
  • Email.
  • Shared folders or SharePoint site with appropriate access permissions.
  • ZendTo.
  • Jabber File Transfer.
  • Emailing acceptable.
  • Box or OneDrive for Business
Confidential
  • Encrypt and send using ZendTo.
  • Email (encryption recommended).
  • Box or OneDrive for Business
  • Shared folders or SharePoint site with appropriate access permissions.
  • ZendTo.
  • Jabber File Transfer.
  • Emailing acceptable.
Restricted
  • Encrypt and send using ZendTo.
  • Emailing not recommended, if no other alternative, must encrypt.
  • Box or OneDrive for Business
  • Shared folders or SharePoint site with appropriate access permissions.
  • ZendTo.
  • Jabber File Transfer.
  • Emailing not recommended, if no other alternative, must encrypt.
Personal Data
  • Are the recipients registered as Data Processors? Are they allowed to have this information? Compliance team can offer advice.
  • Is it possible to remove information (eg a Name) and send non-personally identifiable information (eg ID number)?
  • Encrypt and send using ZendTo.
  • Emailing not recommended, if no other alternative, must encrypt personal information before emailing.
  • Box  or OneDrive for Business (encrypt sensitive personal data before upload)
  • Shared folders or SharePoint site with appropriate access permissions.
  • Is it possible to remove information (eg a Name) and send non-personally identifiable information (eg ID number)?
  • ZendTo (encrypt sensitive personal data).
  • Jabber File Transfer(encrypt sensitive personal data).
  • Box  or OneDrive for Business (encrypt sensitive personal data before upload)
  • Emailing not recommended, if no other alternative:
    • Encryption required if contains personal information of more than one person*
    • Encryption recommended if it’s about an individual and sent internally

 

How can I encrypt data with personal information and send it to a colleague at another university?