The Handbook is currently under development and may change at any point - it is not meant for production use
Skip to content Skip to footer

Legal indicators Legal Framework for Research Data

This indicator assesses the availability and use of standardised frameworks, templates and procedures for legal tasks within the organisation. It evaluates whether legal processes are in place at project initiation, how consistently these processes are supported and how prepared staff are to implement them. The level of maturity reflects the organisation’s capacity to address legal issues proactively through dedicated personnel and well-maintained resources.

Level 1 – Legal processes are ad hoc and reactive, with no standardized framework or templates regarding RDM. Legal tasks are handled informally by various departments. Agreements go through minimal review.

  • Reactive: No specific workflows and templates are defined. Data stewards and/or the legal team become involved only when specifically asked or when there is an immediate need. The way to approach those instances is unclear.
  • Unplanned: Legal work is carried out on an ad-hoc basis, with tasks distributed informally as needs arise. There is no clear point of contact for specific queries nor specific details about where to find the necessary information, templates or RDM support. Employees and researchers struggle to find support in understanding and navigating legal requirements.
  • Inconsistent delivery: The support varies in quality and expertise from case to case, and it remains unclear how to ensure compliance with legislation and policies.

Impact: RDM processes and projects are delayed, with no mechanisms in place to mitigate the risk of legal breaches and other potential issues.

Level 2 – Standard templates and contractual clauses are being introduced, but not consistently used. The legal department exists but does not yet support project initiation or have fully defined processes for RDM issues.

  • Fragments exist: Elements of a basic legal framework and RDM templates are preserved, available, referenced and in use.
  • Project-driven: Templates and contractual clauses are developed as required for different projects, but they are used inconsistently across the organisation.
  • Not maintained: Lack of structure and clarity regarding responsibilities for maintaining and updating these assets as required.
  • Not enforced: Legal processes are optional, with no institutional mechanisms in place for follow-up,compliance or mandatory implementation.

Impact: Progress has been made toward a more consistent legal approach, but the process is still fragmented. Without clear support, key resources may soon be out of date as laws and RDM practices change.

Level 3 – The legal framework is well-defined and standardized across the organization. A dedicated personnel is responsible for supporting the establishment of a legal framework covering RDM requirements. Comprehensive templates and standardized contractual clauses for RDM issues.

  • Clear framework and alignment: A comprehensive and well-defined legal framework is established and aligned with the existing frameworks and policies.
  • Standardised processes: Defined, standardised processes and comprehensive templates are in place and managed by dedicated personnel.
  • Data sensitivity is considered: Legal requirements reflect data sensitivity and data types, ensuring appropriate handling based on risks.
  • Fragmented implementation and awareness: Legal processes remain fragmented within individual faculties, laboratories and departments. Systematic and regular training in this area is non-existing or remains limited.

Impact: A clear and standardised institutional legal framework increases organisational alignment. This will lead to improved compliance, efficiency and reduced risk of fines, legal disputes and reputational damage.

Level 4 – Continuously improved and optimized legal framework for research data; regularly updated to reflect RDM best practices and regulatory changes. Use of advanced, customizable templates and optimized contractual clauses for RDM issues.

  • Asset management: All legal assets (e.g., policies, templates, agreements) are actively and properly managed, maintained and regularly updated.
  • Change management: Updates are communicated and implemented through well-established change management processes.
  • Comprehensive training: Regular, targeted and mandatory training covers all legal aspects of the data lifecycle for all relevant personnel (e.g., legal department, data stewards, researchers).
  • Dedicated support: Full support mechanisms are provided (e.g., ticket systems with progress tracking and defined reaction times, dedicated personnel).

Impact: The legal framework for RDM is improved over time and used consistently across the organisation. This ensures compliance, efficiency, and low risk, supported by well-trained staff.

Contributors
AMF

AJ

Hana Marčetić Contributor

Luxembourg Centre of Systems Biomedicine

Heleri Inno Contributor

University of Tartu / ELIXIR-EE

Jana Martínková Contributor

Mijke Jetten Contributor

RV
Contributor

WNÅ
Contributor