Context
Collins dictionary defines legal framework as “a particular set of rules, ideas, or beliefs which you use in order to deal with problems or to decide what to do”. In the context of data stewardship and research data management, this topic covers all the laws, regulations, and institutional policies that govern how research data is handled throughout the research project. This includes crucial areas like data protection (e.g., GDPR), intellectual property, data sharing protocols, and ethical considerations. Although IT security, data protection (e.g., GDPR) and ethics are their own topics in this handbook, this section will briefly cover these since they all fall under the general legal framework.
However, this Data Steward Handbook does not detail all the legislation and policies that may apply, as that will differ across nodes and state lines, but it outlines important considerations and guidelines on how to evaluate the circumstances and potential for improvements by providing examples, tips and tricks, and good practice instances.
A data steward’s tasks do not cover the legal section per se. Most of this work should be covered by the legal department of your organisation. However, a data steward should be knowledgeable about the general knowledge and procedures, so he/she/they can offer support with basic requirements and know when to contact the lawyers. Building strong connections with the legal departments (including Data Protection Officer) where they exist is essential to foster collaboration, knowledge sharing, and professional growth within this field. However, if your organisation is small, it might not have a legal department, which puts an additional strain on the data steward to seek out legal support and develop a level of understanding of the legal context.
Guidelines
The following cheats might help you to get your own legal framework going or improve the already in place system. It is understandable, if you have a specific legal department, that you might not be able to change their systems; however, you can improve the knowledge of the researchers about already in-place procedures and how to approach specific people in the legal department regarding different topics.
Know your role and tasks as a Data Steward
As a Data Steward, your primary task is to understand the core legal concepts related to Research Data Management (RDM) and to know your specific legal system and its procedures. This understanding enables you to recognise potential legal issues and risks that a project might encounter. It’s important to know your limits: you are not expected to be a legal expert or to formalise contracts. Instead, you should be able to identify legal challenges a project might face. When you spot a potential problem or require formal legal advice, your responsibility is to promptly consult the research team, clearly explain your concerns, and then refer them to the organisation’s Legal Department or the Data Protection Officer (DPO) for expert guidance. In essence, you serve as the vital first line of defence and a key facilitator, effectively bridging the gap between research practices and legal compliance. Relevant links:
Generating basic templates for researchers to ease the work of the legal team
TEXT
Create specific procedures for researchers to follow and consult (e.g., a decision map)
Relevant links: GDPR Decision Tree EOSC-Pillar Legal Compliance Checklist
TEXT
Specify the procedures for different fields and types of data
TEXT
Training the different levels of personnel (researchers, data stewards, etc) about the legal framework
TEXT
Communication of procedures for the researchers
E.g., researchers know when to contact the legal department and how to do this.
Automated system (e.g., ticketing system) for all levels of organisation and topics
TEXT