• Data

    In the context of the Data Protection Act 1998 'data' means information which:

    a) is being processed by means of equipment operating automatically in response to instructions given for that purpose,

    b) is recorded with the intention that it should be processed by means of such equipment,

    c) is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system,

    d) does not fall within paragraph (a), (b) or (c) but forms part of an 'accessible record',

    e) is recorded information held by a public authority and does not fall within any of paragraphs (a) to (d)

    Examples of data are a health record (e.g. medical notes); a database or spreadsheet; paper records; etc rather than information or knowledge that you know but which is not held in a written or electronic form.

    If you need further guidance on the concept of data, please refer to p1 of the Information Commissioner's Office What is personal data? – A quick reference guide.


  • Data Controller

    The person who decides the purposes for which, and the manner in which, personal data is to be processed. This may be an individual or an organisation registered with the Information Commissioner's Office.


  • Data curation

    The actions needed to maintain research data from point of creation to ensure they are fit for contemporary purpose and available for discovery and re-use. Implicit to this are the processes of 'archiving' and preservation. Higher levels of curation will involve maintaining links between datasets, annotation, published materials and other information resources.


  • Data processing

    The processing of data includes obtaining, recording, holding or carrying out any operation on personal data.


  • Data Processor

    Any person who processes data on behalf of the Data Controller (i.e. they are responsible for the obtaining, recording, holding and/or carrying out any other operation on personal data).


  • Data Subject

    The person whose personal data is held by a Data Controller.


  • Database

    A collection of research data that is organised and allows its contents to be easily accessed, managed and updated. The type of database used depends on the requirements of the study. A common type is the relational database, where data are related to each other in a systematic manner so that they can be reorganised and accessed in a number of different ways.

    A database may house one or many datasets.


  • Dataset

    An organised collection of data that have a common theme, source or format; usually considered as a discrete entity.


  • Designated Individual (DI)

    The individual designated on the Human Tissue Authority (HTA) licence to supervise the licensable activities carried out at their establishment. DIs are trained by the HTA to carry out this important role and they have statutory responsibilities they must fulfil.


  • Disclosure

    Disclosure is the sharing of information with a third party.  Disclosure is often thought of as something to be avoided (e.g. leaving a memory stick or confidential papers in a public place or a third party hacking into a computer system).  However, there are certain circumstances when disclosure of identifiable information to a third party is entirely appropriate (e.g. when it is necessary to ensure the individual's health and well-being; where it is in the public interests; etc).  Disclosure of identifiable information with consent, or disclosure of anonymous information is common when conducting research and is appropriate.


  • DNA analysis

    The Human Tissue Act 2004 uses the term DNA analysis. This is not defined in the Codes of Practice, it could be interpreted as the investigation of variation in the nuclear or mitochondrial DNA that forms the genome of an individual and may be inherited from parent to child.

    Under the Human Tissue Act 2004, it is an offence to have bodily material with the intent of analysing its DNA without qualifying consent, subject to certain exceptions, which are outlined in the HTA's Code of Practice on Consent. This applies UK-wide.


  • Duty of Confidentiality/Confidence

    Anyone who receives information must respect its confidentiality (that is, not disclose it without consent or strong justification) if they receive it on the understanding that it is confidential, or in circumstances where there is an implicit expectation that they will not reveal it to anyone else.  A duty of confidence exists when:

        -  The information in question is not in the public domain

        -  There is a degree of sensitivity to the information

        -  It is provided with the expectation of being kept confidential