Skip to Main Content

Research Data Management: Planning

Guidance and support to staff, researchers and students at the University of Southampton

Data Management Planning

It can be daunting if you have never written a Data Managment Plan (DMP) before.  You may find it useful to look at successful DMPs. The DCC have a list of “real life” DMPs  and you also look at examples from UCL. We also have some Southampton DMPs which we can share on request. You may also find the 'Managing Data' online course useful to review the principles.

For those writing a data management plan in support of a grant application, the Research Data team can review your plan before you submit your application. We would prefer to have at least two weeks notice before the deadline. Email us at

Specific guidance for those writing a DMP for their PhD is available on the Data Plan for your PhD page.

Useful toolsDMPOnline plans

DMPonline is a platform for creating data management plans and provides access to templates for all the major UK and EU funding bodies. We recommend that you use it to create your DMP.

RDM Planning

A data management plan is a document that describes:

  • What data will be created
  • What policies will apply to the data
  • Who will own and have access to the data
  • What data management practices will be used
  • What facilities and equipment will be required
  • Who will be responsible for each of these activities.

Why do I need a data management plan?

The carrot: improvements to efficiency, protection, quality and exposure.

Data management in some form is an unavoidable consequence of working with data. Typically data management is done at the last minute and using the first method that comes to mind. This approach is usually time-consuming and error-prone. Taking time at the start of a research project to put in place robust, easy-to-use data management procedures will usually pay off several times over in the later stages of the project. Inadequate data management can also lead to catastrophes like the loss of data or the violation of people's privacy. 

The stick: basic data management is required by the University's Research Data Management policy and is recommended in the UKRI, Wellcome and Universities UK Concordat on Open Research Data. Data management is a condition of UKRI funding and is likely to be mandated by other funding bodies, Government and institutions in the near future.

Even if your project funder does not require planning, it may be useful to write a DMP because time spent reflecting on roles and options at the start can save time later and provide additional benefits, for example:

  • If key staff move on, along with their considerable body of knowledge, it can help ensure that things stay on track. When new researchers join the project team, they can get up to speed quickly.
  • If you get queries about your data, which could include a Freedom of Information (FOI) request, a DMP can help demonstrate that ethical and confidentiality issues have been considered appropriately along with effective processes for data security, retention and sharing.

A DMP will bring most benefit if it is referred to and updated throughout the project and viewed as an integral part of the research process.

Example DMPs

DCC have a list of “real life” DMPs at

UCL also have a list of DMPs:

We also have some Southampton DMPs which we can share on request.

Concordat on Open Research Data

HEFCE, RCUK, Wellcome Trust, Universities UK

In 2016 HEFCE, RCUK, Wellcome and Universities UK launched their Concordat on Open Research Data [pdf].


Bookmark this page as

If your funder requires you to write a data managment plan (DMP), follow that funder's current advice.  If your funder has no specific requirements or your research is unfunded see our Top 10 Checklist  taking account of the following:

Facilities available for data storage, access and management

  • You may need to store and archive all your data institutionally, or store raw and/or processed data prior to archiving with a specified discipline/funder repository. Different storage options may be effective at different stages of your work. You may want to:

    • Provide better collaborative access to project data
    • Check that you are using the most effective tools to transfer data securely and back up your data
    • Ensure that your data is archived in a file format that minimises the risk of corruption and maximises potential future re-use

    Full guidance is available on data storage; managing access;and destruction of data.

Roles and responsibilities

The roles and responsibilities of individual researchers should be defined. Where roles are not clear, you can seek advice from the Associate Dean Research in your Faculty.

See also guidelines on retention periods and IPR guidance

Consistent description and labelling of data 

You may have more than one audience for your data, particularly if it needs to be made available publicly or through a request process. Embedding the addition of relevant metadata as part of day to day workflow can help you find your own files more effectively and help others find your work and cite it correctly. You may want to:

  • Identify which approach to metadata is best for the different users of your data - colleagues, funders, industry, policy makers, public
  • Agree an approach to the file naming, marking up versions and synchronisation of data across devices
  • Explore possible options for automating some metadata
  • Ensure your archived data can be linked to project information and publications

Full guidance is available on Describing data for effective reuse.


Bookmark this page as


Ethical guidelines issued by funders and the University cover how you can create, store, share and archive data concerned with human subjects. In addition, laws such as the Data Protection Act 2018, govern the processing of personal data.

You should complete an Initial Data Protection Review (serviceline form) and you may also need to undertake a full Data Protection Impact Assessment. You can find guidance on this process on the Information Governance & Data Protection sharepoint site.

Under the DPA (2018) , you need to have a lawful basis for processing personal data. Academic research conducted at by University has the lawful basis of public task: the University's Charter legally requires the University to undertake education and research.

Even sensitive research data can often be shared legally and ethically by using informed consent, anonymisation and controlled access. In order to be able to do this it is important to consider potential data sharing and re-use scenarios well before the ethics process and data collection. Be explicit in your consent forms and PIS about your plans to make data available, who will be able to access the data, and how the data would be accessed and potentially re-used.

You should also make a clear differentiation between personal data that will be held in confidence and ultimately destroyed, and the deidentified research data that will be retained indefinitely and made available to others. Personal data (for example contact details for participants)  should be destroyed when no longer required, and you must tell your participants this. You should not undertake to destroy research data collected from the participants, or not to share such data outside the project, as this may prevent you from using data with future collaborators or in subsequent research investigations.

Consent for participation in research is governed Common Law rather than the DPA (2018).There is no requirement to rely on consent to process data for research purposes. There is an ethical obligation to get consent from people participating in your research but this should not be confused with GDPR consent. GDPR consent under the DPA (2018) can be withdrawn at any time, it has to be granular and time constrained and therefore is unsuitable for most research. To ensure your research is not impacted adversely, we strongly recommend that you do not ask particpants to 'consent' to data usage but instead ask that they understand how the data will be used and shared as part of the conditions for participating in the research. Please contact for examples of wording to use in consent forms and participant information sheets.

For further guidance on working and storing data derived from humans see the Sensitive Data and Research Data and GDPR pages.

Most major research funders require some form of documentation at the application stage, to explain how research data will be managed. The DCC keeps a broad list of funder template DMPs including guidance and sample plans.

If you are writing a data management plan in support of a grant application, the Research Data team can review your plan before you submit your. We would prefer to have at least two weeks notice before the deadline. Email us at

Funder requirements should followed alongside the existing University Research Data Management Policy.


The UK Research and Innovation (UKRI)  Common Principles on Data Policy states that "research data are a public good ...which should be made openly available with as few restrictions as possible in a timely and responsible manner that does not harm intellectual property".  Although each Council has developed their own specific policies and requirements to take account of the disciplines involved, there is an expectation that Researchers will:

  • Plan for their data collection, often through the submission of a initial data management plan with their proposal.
  • Manage their data throughout the project, keeping the necessary metadata and documentation, and establishing good data handling procedures.
  • Deposit their research data in a suitable repository and where possible make at least the record and metadata discoverable.
  • Share the data at the appropriate time, subject to restrictions required relating to confidential, commercial, sensitive or personal data.
  • Write a Data Access statement: Publications should include a statement on the availability or restrictions to access for the data (data access statement) as well as the acknowledgement of funding and grant details.

Covid-19 research

The University, UKRI, as well as multiple funders and leading publishers have signed the Sharing research data and findings relevant to the novel coronavirus (COVID-19) outbreak' which follows the WHO recommendations for sharing research in public health emergencies. University researchers are required to:

  • make their research available as a pre-print with a clear data statement
  • share interim and final research data relating to the outbreak, together with protocols and standards used to collect the data, as rapidly and widely as possible - including with public health and research communities and the WHO

This means that the interim results underlying papers should be made available but also the final, complete dataset once the project is finished is deposited. The University's preference is that the re-prints and data are best deposited in a disciplinary relevant repository in preference to ePrints Soton. Accepted manuscripts and catalogue records for the datasets held elsewhere should still be deposited in our own institutional repository.

Guidance from funders

Most research funders have issued data policies:


Bookmark this page as

Top 10 Checklist


If your funder requires you to write a data management plan (DMP), follow that funder's current advice.  If your funder has no specific requirements or your research is unfunded, this checklist is for you.

Click on heading for more details.


1. What data will be created?


  • How much data will be generated?

  • Where will they be stored and backed up securely?

  • How much will this cost?

  • What types or formats


2. Who will create the data?



3. Roles and Responsibilities



4. Software and Services required



5. Naming and describing your data



6. Data Sharing with Collaborators



7. Storage - short & long term



8. Dissemination



9. Restrictions to Sharing



10. Permissions to share


A more detailed checklist is available from the Digital Curation Centre DMP checklist 



Bookmark this page as

It can be daunting if you have never written a DMP before.  You may find it useful to look at successful DMPs:

Discoverability example text

You can download the generic Southampton DMP information below as a word file.

"Metadata records for the data (and published outputs) will also be maintained on the University of Southampton Institutional Research Repository.  In accordance with the University’s Data policy, the data will be archived from a minimum of ten years after publication or last access, whichever is longer (see  DOIs will be issued for the dataset and data subsets as per the University’s DOI policy (see"

"Future users of the data will be bound by data sharing agreements. Where suitable a licence (currently Creative Commons) can be applied to data deposited in the repository."

Active data storage example text

"All data generated will immediately be transferred and stored in the University of Southampton iSolutions secure research data storage service. The data stored within this facility is regularly backed up and a copy of the back-up, regularly off-sited to a secure location for disaster recovery purposes. Only authorised users can access data stored within this facility and it is managed under the governance of the University of Southampton Research Data Management Policy ("

Copyright example text

"The University of Southampton will hold copyright in the primary data generated by the research throughout the project. The University will also hold the copyright in any database created to collate already published data, however if necessary consent will be sought and acknowledgment will be provided to third parties who may retain rights over some of the data used."

The University of Southampton has a long established record in generating, managing and exploiting IP. This is facilitated through Research and Innovation Services, in particular the IP and Technology Transfer teams. The RIS team undertake a variety of activities through promoting dissemination of research, adoption of new clinical practice, interventions, commercial research, licensing and spin out companies.

ISO Standards example text

“The University hold Cyber Essentials certification.” More information available

Relevant UoS Policies and Guidance

Data Management Policy & Procedures

The following guidance supports the policy and can be quoted in DMPs:

Other University policies related to data sharing:


Bookmark this page as

Requesting a DOI

We can register a DOI for your dataset through DataCite - this gives a persistent link and can make it easier to cite.


For more details see our DOI for data page.


Research Support Guide