Data principles set a clear standard which promotes public trust in our data handling and provides high quality, inclusive and trusted statistics. The Data Principles help to create the data conditions to deliver the Data Strategy and are supported by Data and Statistical Policies and Data Standards.
Our Data Strategy is based on four fundamental principles, each one underpinned by a set of Data Principles.
- Assets – data management throughout their lifecycle
- Data management – ethical, transparent and legal compliant
- Reuse and linkage – adopt common data terms and standards
- Security – data access is governed by a set of rules
Back to table of contents
Follow best practice for data collection
When designing and developing a data collection service, product or tool always start by learning about the respondent needs of the users (i.e., the people) who will be providing the data. The users' needs must inform the design at every stage to ensure you build the right thing and collect data that are fit for purpose. Always research ethically and learn about the needs of all kinds of users as this will help you to develop inclusively.
Follow a controlled and consistent data ingest process
Data can arrive via any of the agreed approved corporate routes and follow clear and consistent ingest processes for loading into an approved data storage solution; data will be managed in accordance with agreed and authorised process.
Keep an original copy of data as they are received. Audit all changes
Keep a copy of data in its 'as received' state and keep an audit trail of all subsequent changes, managed with clear version control practices so that it can always be rolled back to 'as-received' state, or to be accessed at the lowest level of granularity (dependent on access permissions).
Ensure all data are backed up. Audit all subsequent data changes
Data should be backed up appropriately and retained only where necessary and for the minimum period required in line with policies, guidance, and any agreements in place with data suppliers or providers. It should then be disposed of or archived appropriately.
All data must have metadata
All datasets, whether collected via survey, acquired from an external supplier, or derived from processing, should be accompanied by metadata. Metadata is information about the characteristics of data and what happens to it from when it is collected or acquired, across its whole lifecycle through to archiving.
Actively manage, review and improve data quality
Data quality is defined as whether datasets are fit for their intended purpose. Achieving high data quality helps to ensure effective decisions can be made using the data. Quality assurance should take place across the entire data lifecycle and should be proportionate to the importance of the data.Back to table of contents
Use transparent and legally compliant data practices
Data practices should be transparent and comply with all relevant laws, policies, regulations, and standards of good practice regarding the acquisition, storing, processing, sharing, and disposal of all data. This includes the Statistics and Registration Service Act, the Digital Economy Act, the Census Act, the General Data Protection Regulation, the Data Protection Act 2018 and any other relevant legislation.
Collect, handle and store data ethically
When undertaking research and/or producing statistics we must consider not just what we could do, but also what we should do to ensure that we collect and use data in ethically appropriate ways which are for the public good. This consideration of the ethics of a project should take place at the research design phase and should be regularly reviewed as the research develops.
Publish data and analysis via approved routes
Data and analysis should be made available to third or external parties in a controlled manner, via approved routes. As a producer of Official Statistics, ONS must follow certain protocols to control the external release and sharing of data and statistics, as set out in the Code of Practice for Statistics.Back to table of contents
Ensure access to data is controlled
Access to data held in the strategic store is managed in a controlled way, based on the role of the user. Managing role-based access effectively carries some administrative demands, which will impact the time it takes for users to access the data.
Data are sensitive and must therefore be protected and kept confidential. We must ensure that the privacy and confidentiality of data subjects is protected throughout the full data lifecycle. Those providing data should be made aware of confidentiality procedures and rights at point of collection.
Keep data secure in storage, use and transmission
All data held at rest should be stored in a suitable secure location, and the method used recorded with security controls implemented known and approved. The security method used for transferring data should be appropriate for the sensitivity of the data involved and supported by data handling instructions for all key parties.Back to table of contents