Data retention and disposal

Data retention and disposal

Researchers must implement a data security plan as part of their application for data. Researchers will be required to specify in their data application form:

  • the length of time that they require access to the datasets they request;
  • how long the data will be stored for after the completion of the project (data retention period); and
  • why they have chosen the dates for the data retention period.

The date that data will be returned/destroyed will also be outlined in the researcher agreements. As specified in the research agreement, researchers are only permitted to access the data they receive for the specified time agreed. Researchers may apply through the data linkage unit and relevant Human Research Ethics Committees (HRECs) for an extension to the data retention expiry date if required.

Researchers will also be required to specify how the data, in all forms, will be disposed. The data disposal method must be approved by the data linkage unit(s), data custodian(s) and HRECs involved.

Secure Unified Research Environment (SURE)

If the linked data was provided via SURE, access to the SURE will be terminated when the data retention period expires, unless an amendment to extend the data retention date has been submitted and approved.