A data management plan for qualitative research must do something generic STEM-oriented DMP templates rarely address: reconcile funder mandates for FAIR (Findable, Accessible, Interoperable, Reusable) data with an ethical and legal duty to restrict access to identifiable interview, focus-group and observational data. The two obligations are not opposites — a well-built plan satisfies both by specifying tiered access, consent-driven sharing limits and documented anonymisation, rather than treating “open data” and “protected data” as a binary choice.
A data management plan (DMP) is a written document, created before data collection begins, that specifies how a project will collect, document, store, protect, share and preserve its research data throughout the data lifecycle. For qualitative and human-subjects research, the plan must additionally specify how consent scope, anonymisation depth and legal basis under data protection law will be recorded and enforced at each stage.
What is a data management plan for qualitative research?
A qualitative DMP is the same core document required for any funded project — covering data types, documentation, storage, sharing and preservation — but written around data that is, by design, difficult to de-identify. Interview transcripts, field notes, focus-group recordings and open-text survey responses carry contextual detail that resists the aggregation techniques used to anonymise quantitative datasets.
Most UK funders require a DMP at application stage. The Economic and Social Research Council has required a data management and sharing statement since its 2010 Research Data Policy, and UK Research and Innovation’s common principles on data policy apply across its research councils. The plan is normally reviewed alongside the ethics application, since data handling and consent decisions are made together.
Why do FAIR mandates and human-subjects ethics create tension?
The FAIR principles — Findable, Accessible, Interoperable, Reusable, set out by Wilkinson et al. in Scientific Data (2016) — were written for structured, aggregatable datasets. Applied literally to identifiable human-subjects data, “Accessible” and “Reusable” can conflict with the duty to limit who can read a participant’s own words.
Funders resolve this with a qualifier, not an exemption: data should be “as open as possible, as closed as necessary” — the formulation used in the European Commission’s Horizon Europe research data policy and echoed by UKRI. This does not excuse qualitative researchers from FAIR compliance; it changes what “Accessible” means in practice, from public download to documented, conditional access.
| FAIR principle | Qualitative-data constraint | Practical mitigation in the DMP |
|---|---|---|
| Findable | Full metadata can itself be re-identifying (project title, participant demographics) | Publish a discoverable, de-identified metadata record with a persistent identifier even when the data itself stays closed |
| Accessible | Transcripts/recordings contain direct identifiers and verbatim quotes | Deposit in a repository offering tiered or restricted access, not open download |
| Interoperable | Coding schemes and qualitative software formats (e.g. NVivo, ATLAS.ti) are often proprietary | Document the coding frame and export a non-proprietary format alongside the proprietary project file |
| Reusable | Reuse by unknown third parties was rarely covered by original consent | Use granular, re-use-specific consent wording that anticipates archiving and secondary analysis |
How should a DMP reconcile GDPR consent with data sharing?
Under UK GDPR and the Data Protection Act 2018, personal data genuinely and irreversibly anonymised falls outside data protection law — but the Information Commissioner’s Office is explicit that this bar is high, and that pseudonymised data (a code replacing a name, with the key retained) remains personal data. The DMP must state, precisely, which version of the data at which stage is personal data and which is anonymised.
Consent forms are the operative control, not an afterthought. A plan built for FAIR-GDPR reconciliation should specify:
- Granular consent options separating participation, quotation in publications, and archiving of transcripts or recordings for secondary use
- An explicit legal basis under UK GDPR Article 6 (and Article 9 condition where special category data — health, ethnicity, political opinion — is discussed)
- A defined right-of-withdrawal window after which removal from an archived, de-identified dataset is no longer practicable
- Named repository and access-control arrangements disclosed to participants at consent, not decided afterwards
The UK Data Service — the Economic and Social Research Council’s designated data archive — operates a three-tier access model qualitative DMPs can cite directly: Open data (freely downloadable), Safeguarded data (registered users agree to an end-user licence), and Controlled data (approved researchers only, via a secure environment). Mapping each output to one of these tiers, rather than a vague “available on request” line, distinguishes a compliant plan from a defensive one.
What anonymisation techniques belong in the plan?
Anonymisation of qualitative data is a layered process, not a single redaction pass. A robust DMP names the specific technique used at each stage:
- Pseudonymisation during analysis — replacing names with participant codes while a separate, access-restricted key file links code to identity
- De-identification for sharing — removing or generalising indirect identifiers: exact job titles, place names, dates, organisational affiliations
- Redaction of unavoidable identifiers — where context itself identifies a small or unique population (a single named institution, a rare occupation), replacing detail with a category description
- Access-tier assignment — deciding, output by output, whether the residual disclosure risk permits Safeguarded deposit or requires Controlled access only
The Qualitative Data Repository at Syracuse University and the Consortium of European Social Science Data Archives (CESSDA) both publish worked examples of this layered approach for interview and ethnographic data, and are appropriate repositories to name in a DMP for social-science-led projects.
When is “not applicable” a legitimate data availability statement?
A data availability statement (DAS) reading “not applicable” is defensible only when it is reasoned, not default. Journals following ICMJE and COPE guidance expect a DAS for every submission, including qualitative studies; the acceptable move is not silence but a stated justification — for example, that full transcripts cannot be shared because de-identification would strip the interpretive detail the analysis depends on, while a de-identified excerpt corpus or the coding frame is deposited instead.
Reviewers increasingly flag blanket “not applicable” statements as a data-quality signal, because most qualitative datasets have something shareable — a codebook, an interview guide, aggregated theme frequencies — even when raw transcripts cannot be released. A DMP that pre-commits to this reasoning avoids a weak DAS being drafted under publication-deadline pressure.
Common questions on qualitative data management plans
What should a data management plan for qualitative research include?
It should cover data types collected (transcripts, recordings, field notes), consent scope, anonymisation method, storage and access controls, the repository and access tier for shared outputs, and a retention and deletion schedule for identifiable source files.
How do you anonymise qualitative data to comply with GDPR?
Apply pseudonymisation during analysis, then de-identify indirect identifiers (locations, job titles, dates) before sharing. Under UK GDPR, only data anonymised to the point that re-identification is not reasonably likely falls outside data protection law; pseudonymised data remains regulated personal data.
Do FAIR principles require open data sharing for human-subjects research?
No. FAIR requires data to be findable and accessible under stated conditions, not necessarily open. Funders including UKRI and the European Commission apply the “as open as possible, as closed as necessary” standard, which explicitly permits restricted or controlled access for identifiable qualitative data.
Can a data availability statement say “not applicable” for qualitative research?
Only with a stated reason, such as re-identification risk that de-identification cannot remove. Journals following ICMJE and COPE practice expect a justified statement — noting what, if anything, is shareable (a codebook or interview guide) — rather than a blanket refusal.
Implications and outlook
Institutional research offices and ethics committees increasingly review DMPs and consent forms as one package, because anonymisation and access-tier decisions in the DMP determine what the consent form must promise participants. Research administrators supporting qualitative and mixed-methods proposals should treat the FAIR-versus-consent tension as a design question resolved at the DMP stage — via tiered access, granular consent and named repositories — not a compliance problem deferred to publication.
As funders tighten machine-actionable DMP requirements, qualitative projects that specify access tiers and anonymisation methods in structured, repository-mappable language will be better placed to meet FAIR audit expectations and data protection obligations, without defaulting to an unjustified “closed” or “not applicable” position.
For related definitions and standards context, see CASRAI’s research data terminology dictionary and the research administration resource hub.








