Sensitive Data Access Control Plan

Published on

The Sensitive Data Access Control Plan is an eAtlas form for documenting how restricted research datasets should be managed, discovered and accessed over time.

Use this form when a dataset cannot be published openly, but still needs to be described, governed and made discoverable through public metadata. The form helps project teams record why the data is sensitive, what kinds of use may be acceptable, who should be consulted about access, and how the dataset should be managed after the original project team has moved on.

The completed form should be submitted with the eAtlas Dataset Report Form when a restricted dataset is being documented for eAtlas.

When should I use this form?

Use the Sensitive Data Access Control Plan when your dataset contains information that should not be released openly because publication could cause harm, breach obligations, or disclose information that is not yours to share.

This may include datasets involving:

  • personal or confidential information
  • Traditional Knowledge, Indigenous Cultural and Intellectual Property, or data requiring community governance
  • threatened species, culturally sensitive sites, or locations where public release could increase environmental pressure
  • commercial-in-confidence or industry-supplied data
  • third-party data with restrictive licences
  • government, governance, policy or interview data that was collected under restricted conditions
  • data covered by ethics approvals, consent forms, permits, agreements or other access conditions

The form is not intended to make sensitive data open. It is intended to make the existence of the dataset discoverable and to record the conditions under which access, reuse, reinterpretation or future management may be possible.

You do not need this form if…

If the dataset can be published openly under a standard open licence and there are no special access restrictions you do not need an Access Control Plan.

In general, publicly funded research data should be made public where possible. Access restrictions should only be applied when there is a clearly identified and justifiable reason.

What does the form record?

The Access Control Plan records the information needed to manage a restricted dataset responsibly over the long term. It asks the project team to describe:

  • why the dataset is restricted
  • what uses of the data are likely to be acceptable
  • what information a researcher would need to provide when requesting access
  • who developed the access control plan
  • where the data is stored
  • who has long-term governance responsibility for the data
  • who is responsible for storage, security and access control
  • whether a public, anonymised or summarised version of the data exists
  • whether the data may become less sensitive in the future
  • what should happen when the original project team is no longer available

The form separates public information from private internal notes. The public section is used to help create the public metadata record, so that other researchers can understand that the dataset exists and whether their intended use is likely to be appropriate. The private section records additional detail for future data custodians and is not intended for publication.

How does this help with sensitive data?

Sensitive datasets are often kept inside the producing institution and are never described publicly. This can protect the data, but it also means the dataset may become effectively invisible. Future researchers cannot request access to a dataset they cannot discover, and future custodians may not know why the data was restricted or what conditions were intended to apply.

The Access Control Plan provides a documented pathway for responsible access. In some cases, this may involve controlled release of data under agreed conditions. In other cases, the raw data may never be shared externally, but the original team or data custodian may be able to answer new questions, provide derived products, or support collaboration without releasing the sensitive dataset itself.

The aim is to avoid treating “restricted” as the same as “lost”. A restricted dataset can still have long-term value if its existence, governance arrangements and access conditions are clearly recorded.

Submitting the form to eAtlas

When submitting a restricted dataset to eAtlas, please provide:

  • the completed Sensitive Data Access Control Plan
  • the completed eAtlas Dataset Report Form
  • the associated dataset files, if they are being supplied to eAtlas
  • preview images for the metadata record, if appropriate
  • related reports, publications or links, if appropriate

Submit these materials to e-atlas@aims.gov.au.

If the associated files are too large to send by email, use a suitable file transfer service. Make sure that the transfer method is appropriate for the sensitivity of the data.

The eAtlas team will review the dataset documentation before publishing the public metadata record. The metadata record will be developed from the eAtlas Dataset Report Form and the public section of the Sensitive Data Access Control Plan.

Important

The completed Access Control Plan should be stored alongside the original dataset, wherever that dataset is held. It acts as a long-term record of how the restricted data should be managed, even if the data itself is not stored in eAtlas.