• Ensure DMP-PII and purpose compatibility (as above)
  • Revaluate likelihood of (re-)identification and risk of harm, particularly if it involves a public data-set containing PII
  • Indicate in metadata the availability of raw data or minimized data containing PII, if available bilaterally
  • Minimize use of PII and risk of disclosure through pro-privacy access controls and analytical tools 

  • Don’t include PII in public datasets unless absolutely necessary to preserve the data’s analytic potential, scientific utility or benefit to the participant (and subject to participants informed consent and a rigorous risk assessment)