Skip to main content
v2026.1714 entries · CC-BY 4.0
CiteLicenceEN-GB
CASRAI
Dictionary termTrack CStablev2026.2

Sensitive-data handling (in DMP)

The section of a DMP that documents the categories of sensitive data involved (personal, special category, commercially confidential, indigenous, security-restricted), the legal basis for processing, and the technical and organisational measures applied.

ByCASRAI Editorial Board
· Last updated 21 May 2026

Examples

Worked examples

  • Is an instance

    A DMP recording pseudonymised special-category health data under GDPR Article 9(2)(j) with deposit only in a controlled-access repository.

  • Is an instance

    A DMP committing to indigenous data governance via co-authored sharing protocols with community partners.

Counter-examples

Looks similar, but isn't

  • Not an instance

    A blanket statement 'no sensitive data involved' on a project that collects identifiable interview transcripts.

  • Not an instance

    A general security policy of the institution copied verbatim.

Editorial commentary

In maDMPs, the 'security_and_privacy' entity of the RDA Common Standard hosts these statements with controlled vocabularies for data category and basis. Where the GDPR applies, the section cross-references the project's Data Protection Impact Assessment and the lawful basis. For indigenous data, CARE Principles for Indigenous Data Governance frame the commitments.

References

  • GDPR (EU 2016/679); CARE Principles for Indigenous Data Governance (GIDA, 2019); UK Anonymisation Network Anonymisation Decision-Making Framework.

Also known as

DMP sensitive data section · DMP privacy and security

Machine-readable encodings

Use in your systems

JATS XML <role> element
xml
<role vocab="credit"
      vocab-identifier="https://casrai.org/dictionary/"
      vocab-term="Sensitive-data handling (in DMP)"
      vocab-term-identifier="https://casrai.org/dictionary/term/sensitive-data-handling-in-dmp" />
Schema.org DefinedTerm (JSON-LD)
json
{
  "@context": "https://schema.org",
  "@type": "DefinedTerm",
  "name": "Sensitive-data handling (in DMP)",
  "identifier": "https://casrai.org/dictionary/term/sensitive-data-handling-in-dmp",
  "description": "The section of a DMP that documents the categories of sensitive data involved (personal, special category, commercially confidential, indigenous, security-restricted), the legal basis for processing, and the technical and organisational measures applied.",
  "inDefinedTermSet": "https://casrai.org/dictionary/domain/machine-actionable-data-management-plans-madmp/",
  "url": "https://casrai.org/dictionary/term/sensitive-data-handling-in-dmp",
  "sameAs": [
    "DMP sensitive data section",
    "DMP privacy and security"
  ],
  "license": "https://creativecommons.org/licenses/by/4.0/"
}

Adopted by research universities worldwide

University of Cambridge logoColumbia University logoUniversity of Edinburgh logoHarvard University logoMassachusetts Institute of Technology logoUniversity of Oxford logoPrinceton University logoStanford School of Medicine logoUniversity College London logoUniversity of Cambridge logoColumbia University logoUniversity of Edinburgh logoHarvard University logoMassachusetts Institute of Technology logoUniversity of Oxford logoPrinceton University logoStanford School of Medicine logoUniversity College London logo
  • University of Cambridge logo
  • Columbia University logo
  • University of Edinburgh logo
  • Harvard University logo
  • Massachusetts Institute of Technology logo
  • University of Oxford logo
  • Princeton University logo
  • Stanford School of Medicine logo
  • University College London logo

View CASRAI adoption →