Could it be? Yes.
Is that something that's likely to be a significant concern for many of us?
I don't believe so.
An example from experience follows. Just over 20 years ago, I and colleagues
were designing and implementing the system which was going to manage and
provide access to data and associated documents from UK government. We were
taking advantage of digital access to make material as open as possible whilst
also protecting that which needed to be protected (principles now echoed in the
European Commission's principles on access to research data.) This meant being
able to control access to entire datasets, tables within them, or rows, columns
or cells and associated metadata at any level as well as related documents and
the metadata for those. We had material that was fully open on accession and
material that was closed to public access for 100 years and all variants
in between. I don't believe we ever utilised the ability to make any part
of dataset metadata closed to access. I think we *did* have to do that for some
documents, but only because their original titles were poorly-chosen and
contained sensitive info unnecessarily.
I can think of examples where it might be needed, but I've never needed it.
To me that makes it an edge case that should not be allowed to influence
a design or workflow unduly.
Of course, the way you've phrased the question does make it somewhat different.
There's lots of stuff that people 'consider' sensitive, but analysis doesn't
always agree, as many FoI act decisions show.
HTH
Kevin
--
Kevin Ashley. Director, Digital Curation Centre http://www.dcc.ac.uk/
E: [log in to unmask] @kevingashley | P: DCC, Argyle Hse (F West),
T: +44 131 651 3823/1239 (helpdesk) | Lady Lawson St,
M: +44 7817 402 498 | Edinburgh EH3 9DR, Scotland
On 17/03/17 14:54, Lee Wilson wrote:
> Hello,
>
>
>
> I have been unable to find a definitive answer to this question and am curious
> to hear the community’s thoughts. If a researcher submits sensitive data
> (containing PII or PHI) to a repository that is capable of providing adequate
> security protection and restricting access to the data, would the metadata
> record for this dataset also be considered sensitive? To push the question
> further, is it possible and under what circumstances would a metadata record for
> research data be considered sensitive?
>
>
>
> I am posing the question from a Canadian context, but am also interested in
> hearing how this issue would be considered in other countries.
>
>
>
> Many thanks,
>
>
>
> Lee Wilson
>
> Research Consultant, Data Management
>
>
>
>
>
|