Research Data Management

THP’s research and innovation activities are stewarded through its Institute for Better Health (IBH); a research and innovation institute that is embedded and aligned with the strategic goals of THP, the community and our healthcare system. As THP’s research and innovation engine, IBH is a core enabler of THP‘s mission of shaping a healthier tomorrow through the application of scientific expertise, innovative thinking and partnerships. Therefore, THP is committed to providing our research community with the support needed to ensure proper data management and stewardship procedures are in use and research is conducted with integrity to produce the highest quality of research. The THP RDM strategy is our commitment to support our research community by ensuring that our policies, procedures and guidance documents are established using best practices for data management and stewardship, and supporting excellence in research.

What is Research Data?

Research data is defined by the Tri-agencies as “data that are used as primary sources to support technical or scientific enquiry, research, scholarship, or creative practice, and that are used as evidence in the research process and/or are commonly accepted in the research community as necessary to validate research findings and results. Research data may be experimental data, observational data, operational data, third party data, public sector data, monitoring data, processed data, or repurposed data. What is considered relevant research data is often highly contextual, and determining what counts as such should be guided by disciplinary norms” .

What is a Data Management Plan?

A Data Management Plan (DMP) is a formal document that details the strategies and tools you will implement to effectively manage your data during the active phase of your research, and the mechanisms you will use for preserving and appropriately sharing your data at the end of the project. A DMP is a “living” document that can be modified throughout a project to reflect any changes that have occurred.

RDM Guidance document and templates:

• Data Management Plan Template – Survey & Qualitative Research
• Training Resources | Digital Research Alliance of Canada (alliancecan.ca)

What is Research Data Management?

The processes applied throughout the lifecycle of a research project to guide the collection, documentation, storage, sharing, and preservation of research data, and allows researchers to find and access data.

What is Research Data Stewardship?

The responsibility for and practices used to fairly, equitably and appropriately enable research data ownership, sharing, use and retention throughout the lifecycle of a research project, and following the completion of a research project. Research data stewardship is an accountability assumed for the well-being of the organization and the communities it serves in its service to and support of those for whom the data pertains.

Why Is Research Data Management Important?

For the value of data to be fully realized, specific treatment of data is needed both throughout the course of research and beyond. Researchers are encouraged to consider the benefits of creating a DMP to conceptualize and implement systems for organizing and documenting datasets and to align with security best practices. An example of RDM best practice is ensuring supporting datasets are prepared, deposited, and retained in an appropriate repository at the conclusion of a project. Researchers should consider the value of making datasets available for reuse, enabling the recognition of contributors responsible for the data production, and facilitating the further reach and impact of the research investment. Well-managed data that are made available to others allow studies to be replicated and results validated. This supports research findings and can open new channels for discovery, contributing to global understanding, knowledge building, and innovation. This should be balanced with the agreed upon uses of data while respecting data ownership and expectations of partners and their communities.

Scope

THP’s RDM strategy was developed to support those who conduct or support research occurring within and/or under the auspices of THP.

Oversight and Review

At THP the RDM Working Group has been responsible for overseeing the implementation of the RDM strategy. The strategy will be reviewed and updated annually and move to a 3-year review cycle once all activities to inform the strategy are fully developed.   Oversight of the RDM strategy will occur through an RDM Committee that will consist of members from the following areas:

• Privacy and Information Security
• Library & Knowledge Services
• The Research Ethics Board
• IBH Operations
• Data, Insights & Advanced Analytics
• Science Portfolio
• Research Finance

The IBH Senior Leadership Committee will be responsible for reviewing and providing final approval of the RDM strategy, including revisions to the RDM strategy.

How to Properly Manage Data

Researchers are responsible for adopting RDM practices. This includes ensuring the safe handling, secure storage, and appropriate security controls and restrictions around access to information. Research data also needs to be managed in ways that adhere to all legal and ethical requirements and fulfill any sponsor obligations or research partner and/or community expectations.

It is recognized that what constitutes research data will differ by project and that different kinds of data or research methodologies will require distinct practices to make the data most useful. Data management decisions will also be impacted by the characteristics of the individual datasets. Likewise, disciplinary standards and practices may influence the management of data, including approaches to workflows, required documentation, metadata selection, and repository selection for data deposit and sharing. Research involving confidential or sensitive data will need to adhere to legal and ethical frameworks to ensure information is protected and to reduce risk of harm. Researchers working with marginalized communities should follow community-developed principles and engage with members to design research approaches. When working with Indigenous peoples or communities, this involves recognizing the right to Indigenous data sovereignty and the authority and authenticity of Indigenous epistemological approaches to knowledge (Indigenous ways of knowing). When working with Black communities, and engaged in research that seeks to collect race-based data involving Black communities, this involves: (1) recognizing the importance of honoring Black communities right to govern data collection, management, analysis and use as a key part of self-determination; and (2) the importance of Black communities identifying ways to protect and manage the way their data is shared or linked to other systems.

Expectations for Research Data Management Practices

Researchers should treat data with rigour, operate within institutional frameworks in an effective manner and abide by all ethical and legal requirements, sponsor obligations, and partner and community expectations. Research data should also be managed in ways that align with disciplinary best practices and community-driven principles. When using third-party data, researchers must ensure that they abide by licenses and terms of use.

Researchers must ensure security requirements and guidelines are implemented and follow the institutional Data Classification levels and associated actions under the Information Security Standard. The appropriate selection and use of infrastructure should align with best practices and project needs. First, consider the use of approved and vetted resources. If considering the use of other resources, ensure compliance with relevant policies, procedures, and security guidelines. Data should be managed in ways that protect against data corruption and employ appropriate protections to safeguard against economic and geopolitical risks, misuse and the theft of intellectual property.

Researchers should be aware of the supports available through central and divisional services. Researchers should leverage opportunities to increase the understanding of RDM and utilize resources that aid in the implementation of responsible data management practices. Communication channels should also be used to stay abreast of developments, supports, and opportunities for feedback and engagement. All researchers, research team members, and students should be encouraged to build capacity and skills in data management activities and practices, and RDM concepts should be integrated into training and teaching when possible.

Research Data Management Supports

At THP, the Research Data Management Committee and Library Services are available to support our researchers in managing research data, by providing them with the resources and training required for creating an effective data management plan. It is an expectation that all research is done in accordance with the applicable regulations, guidelines and THP policies and procedures.

Supports available in developing a Research Data Management plan that meets the Tri-agency funding requirements:

• THP Library & Knowledge Services has developed in-person and virtual supports for researchers around training and consultation for RDM, DMP and Data Curation.
• The THP Library support staff have received training through UTL (University of Toronto Libraries) on how to provide guidance for researchers around the following and will continue to attend any new sessions as they become available to stay current around these areas:
  • Research Data management,
  • Creating a Research Data management plan and,
  • Data deposit
  • Citing data

• As part of the communication and support services, THP Library & Knowledge Services has developed an online resource guide for immediate staff access to review available tools and supports. The following resources are currently available through the following link:
  • THP Library Research Data Management Guide

• Resources to support RDM practices at THP:
  • THP Research Data Risk Matrix
  • THP Research Data Management Risk Matrix
  • Portage Network’s Sensitive Data Toolkit for Researchers Part 2: Human Participant Research Data Risk Matrix (resource used to create THP’s Risk Matrix)

• Data Management training
  • The University of Toronto Libraries currently provides resources and guidance on data management as well as training sessions Training | University of Toronto Libraries (utoronto.ca)
  • The Alliance offers a range of training materials – everything from one-page guides to online training modules and videos – that span the research data life cycle: Training Resources | Digital Research Alliance of Canada (alliancecan.ca)

• Data Deposit
  • CIHR-funded researchers: Since January 1, 2008, recipients of CIHR funding have had to comply with the limited data deposit requirements included in the Tri-Agency Open Access Policy on Publications. This policy requires that CIHR-funded researchers continue to comply with these requirements, which are specific to bioinformatics, atomic, and molecular coordinate data. The objective of this policy is to improve access to the results of Agency-funded research, and to increase the dissemination and exchange of research results. All researchers, regardless of funding support, are encouraged to adhere to this policy.[1]
  • THP will establish a central data repository for data associated with Tri-Agency funded research studies. In the current state, THP maintains a central listing of the location of all Tri-Agency funded research data and has ensured it is accessible and protected within THP’s Information Security infrastructure (where appropriate).

• Data Depository training
  • THP will provide institutional specific training on how to manage data appropriately at THP once approved sources and approaches for data storage have been establish.

The following resources are currently available for research data deposits:

• U of T Dataverse in Borealis
  • U of T Dataverse is the University of Toronto’s institutional data repository in Borealis. It is a free, secure space where U of T researchers can deposit and share their research data. The repository accepts research data from any research discipline that was conducted at or under the auspices of the University of Toronto.
  • The University of Toronto Dataverse is a research data repository for UofT faculty, students, and staff.
  • Researchers can choose to make content available publicly, to specific individuals, or to restrict access.
  • At this time, U of T Dataverse is not an appropriate repository for sensitive or confidential data. Currently, all files must be anonymized or de-identified before being deposited.
• Home | FRDR-DFDR – Any researcher affiliated with a Canadian institution can deposit data into The Federated Research Data Repository (FRDR)
  • FRDR is a bilingual publishing platform for sharing and preserving Canadian research data. It is a curated, general-purpose repository, custom built for large datasets.
• THP’s IBH will work with Information Security and Privacy to develop a data deposit.* For research projects occurring under the auspices of THP that include data repositories, IBH will seek review from both Privacy and Information Security prior to THP Research Ethics Board review.

Institutional Policies and Procedures that Guide RDM at THP

THP’s policies and procedures are currently only available to THP staff through Paradigm 3 — Search. THP policies and procedures are adequate in covering the requirements for managing data and meeting the TCPS2, Tri-Agency Framework: Responsible Conduct of Research (2021) and Personal Health Information and Protection Act 2004 (PHIPA) requirements. To ensure compliance with THP’s mandates all research conducted within and/or under the auspices of THP must comply with the following institutional policies and procedures:

• Privacy – POL INT
  • Safeguards – Individuals must safeguard information that is entrusted to them and not misuse or wrongfully disclose it. THP has a legal obligation to ensure reasonable safeguards are in place to protect Personal Health Information (PHI). THP assures this through effective administrative, physical and technical safeguards to protect information from theft, loss, unauthorized access, use or disclosure, copying, modification or disposal.
  • This policy covers:
    • The conditions and restrictions that THP imposes before permitting the collection, use or disclosure of PHI or personal information by a researcher.
    • Secondary use of PHI or personal information under the custody and control of THP.
    • Requirements research involves multiple institutions and research activity across provincial, territorial or national borders where differing privacy laws and policies may apply to the collection, use and disclosure of PHI or personal information.
    • Privacy and confidentiality around research involving the use of software applications, including mobile applications on smartphones, tablets or wearable technology.
    • Using electronic data capture systems for research.
    • Cloud data storage and/or other technologies which will store or transfer PHI or personal information, or information which could reasonably become PHI or personal information through the re-identification of previously anonymized or de-identified data.
    • Data linkage.
    • Consent requirements for research involving the collection, use, disclosure or retention of PHI or personal information.
    • The requirements of a data management plan.
• Records Retention and Disposal – POL-PRO INT
  • • Appropriate data retention periods vary depending on the research discipline, research purpose and the kind of data involved[2]. THP’s Records Retention and Disposal Policy outlines the minimum retention periods based on applicable statutes, professional regulations, best practices and established Hospital policies. Records are kept for as long as required for the purpose for which the information in the Record was collected.
    • Records (physical and/or electronic or machine-readable) which have reached the minimum retention period must be destroyed in a confidential and secure manner.
• Information Security – POL INT
  • • This document established the information technology principles that govern the key security requirements to be considered when making information management decisions. It provides a framework of enforceable rules and best practices that regulate how THP and its staff manage the enterprise information technology security objectives at all levels in the institution.

Trillium Health Partners is committed to:

• Protect the confidentiality, integrity and availability of information assets in accordance with legal and regulatory obligations.
• Hold individual users accountable for their unauthorized access to, use of, disclosure, disposal, modification of confidential information or services.
• Establish accountabilities and implement processes and controls that ensure alignment and compliance with Personal Health Information Protection Act 2004 (PHIPA), the Public Hospitals Act, and the Personal Information Protection and Electronic Document Act 2004 (PIPEDA).
• ISO/IEC 27001 Information technology – Security techniques – Information security management systems – Requirements.
• ISO/IEC 27002 Information technology – Security techniques Code of practice for information security management.

• Research Conduct and Participation- POL INT
  • This policy outlines the procedural requirements associated with conducting and/or participating in all research at THP and establishes the mandatory rules regarding all research at THP. This policy governs research at THP that involves:
• Participation of Trillium Staff and/or patients,
• Collection of Trillium staff and/or patient information/materials i.e. data, and
• Disclosure of Trillium staff and/or patient information/materials i.e. data.

Trillium Health Partners is committed to ensuring that all researchers, including principal investigators and site investigators, and study staff uphold the high quality scientific merit and conduct of all research project activities to protect the safety, rights and well-being of all human research subjects by adhering to:

• Agreement on the Administration of Agency Grants and Awards by Research Institutions
• Canadian Food and Drugs Act and its applicable regulations in particular Part C Division 5,
  • Ontario Personal Health Information Protection Act, 2004 (PHIPA),
  • International Conference on Harmonization (ICH) Good Clinical Practice (GCP) Consolidated Guideline,
  • Tri-Council Policy Statement: Ethical Conduct for Research Involving Humans, December 2022 (TCPS2),
  • Federal Wide Assurance (FWA) for International (non-U.S.) Institutions, as amended from time to time.

Indigenous Data Considerations

Researchers must respect Indigenous cultures and knowledge, as well as recognize Indigenous data sovereignty and jurisdiction over data about Indigenous communities. Any research involving Indigenous communities must adhere to all legal and ethical requirements and be conducted in accordance with community-driven principles (such as the CARE Principles and the OCAP Principles). Indigenous peoples, communities, and organizations must be engaged throughout the research lifecycle and be involved in all key decision-making. This includes co-developing the data management plan and creating written agreements to ensure the incorporation of holistic research approaches, defining responsibilities and expectations related to data, and outlining commitments to minimize harm to Indigenous communities. Outcomes of research should be shared and returned, and data should be used in ways that benefit the communities and promote capacity development and community empowerment.

External Resources to support researchers in conducting research involving indigenous communities:

• CARE Principles — Global Indigenous Data Alliance (gida-global.org)
• Government Bill (House of Commons) C-15 (43-2) – First Reading – United Nations Declaration on the Rights of Indigenous Peoples Act – Parliament of Canada
• Tri-Council Policy Statement: Ethical Conduct for Research Involving Humans – TCPS 2 (2022) – Chapter 9: Research Involving the First Nations, Inuit, and Métis Peoples of Canada (ethics.gc.ca)
• The First Nations Principles of OCAP® – The First Nations Information Governance Centre (fnigc.ca)
• Principles respecting the Government of Canada’s relationship with Indigenous peoples (justice.gc.ca)

Black Community Data Considerations

Researchers should recognize that legacy data processes pose many threats to Black communities by failing to focus on their health, their experiences, and their lives. Any research involving Black communities should use the EGAP Framework to guide the collection, management, analysis and use of race-based data from Black communities in ways that advance health equity. Specifically, such research should include:

• genuine, cyclical, accessible consultation with Black communities regarding data collection, management, analysis and use (engagement);
• Black community decision-making about engagement processes and data collection, management, analysis, and use, achieved through the establishment of community governance tables (governance);
• The right of Black communities to access their collective data and to determine who else can access it, along with the capacity building required to enable this right (access);
• The safeguarding of all individual rights and types of data, including identifiable, de-identified, and anonymized data (protection).

External Resources to Support Researchers in Conducting Research Involving Black Communities and Black Community Data

• Data Standards for the Identification and Monitoring of Systemic Racism
• Engagement, Governance, Access and Protection (EGAP) – A Data Governance Framework for Health Data Collected from Black Communities in Ontario
• Guidance on the Use of Standards for Race-Based and Indigenous Identity Data Collection and Health Reporting in Canada
• Principles for Conducting Research in the Jane Finch Community (updated October 2021)
• Tri-Council Policy Statement: Ethical Conduct for Research Involving Humans – TCPS 2 (2022) Article 11, 9.1and 9.11

Whether the data is from a specific or unique community or group where the researchers are required to further consult, seek permissions for depositing the data, respect existing agreements, or follow additional data management principles, TCPS2 Article 2.11, 9.1 and 9.11 on research involving First Nations, Inuit and Métis Peoples of Canada can be applied to other communities when appropriate.

Glossary of Terms for Sensitive Data used for Research Purposes

• The glossary is intended to provide definitions for a number of common terms used in the discussion of the management of sensitive data in the Canadian context.

Government of Canada. (2016). Tri-Agency Open Access Policy on Publications (2015).  Retrieved from https://science.gc.ca/site/science/en/interagency-research-funding/policies-and-guidelines/open-access/tri-agency-open-access-policy-publications.

Government of Canada. (2023). Tri-Agency Research Data Management Policy – Frequently Asked Questions. https://science.gc.ca/site/science/en/interagency-research-funding/policies-and-guidelines/research-data-management/tri-agency-research-data-management-policy-frequently-asked-questions#1e

Portage Network, (2023). Brief Guide – Data Management Plan. @zenodo_org. https://zenodo.org/record/4495482 https://zenodo.org/record/4495482/files/BriefGuide_DMP_EN_February2021.pdf

Research Data Lifecycle. (2023).  https://www.fid-move.de/en/research-data/research-data-lifecycle

Research Data Management. (2023).  https://alliancecan.ca/en/services/research-data-management

Sebastian-Coleman, L. (2022). Chapter 8 – The Culture Challenge: Organizational Accountability for Data. In L. Sebastian-Coleman (Ed.), Meeting the Challenges of Data Quality Management (pp. 165-184). Academic Press. https://doi.org/https://doi.org/10.1016/B978-0-12-821737-5.00008-0

Tri-Council Policy Statement: Ethical Conduct for Research Involving Humans – TCPS 2 (2022) – Chapter 5: Privacy and Confidentiality. (2023, 2023-01-11).  https://ethics.gc.ca/eng/tcps2-eptc2_2022_chapter5-chapitre5.html

The Black Health Equity Working Group, (2021). Engagement, Governance, Access, and Protection (EGAP): A Data Governance Framework for Health Data Collected from Black Communities. https://blackhealthequity.ca/

University of Toronto, (2023). University of Toronto Institutional Research Data Management Strategy. https://research.utoronto.ca/engaging-research/university-toronto-institutional-research-data-management-strategy