Data Management Plan
Requirements of the funding agencies vary between organizations. The National Science Foundation's guidelines provide a some starting points for developing a thorough data management plan. The NSF guidelines specify that a data management plan should address the following points (from Grant Proposal Guide, Chapter II.C.2.j):
- The types of data, samples, physical collections, software, curriculum materials, and other materials to be produced in the course of the project;
- The standards to be used for data and metadata format and content (where existing standards are absent or deemed inadequate, this should be documented along with any proposed solutions or remedies);
- Policies for access and sharing including provisions for appropriate protection of privacy, confidentiality, security, intellectual property, or other rights or requirements;
- Policies and provisions for re-use, re-distribution, and the production of derivatives; and
- Plans for archiving data, samples, and other research products, and for preservation of access to them.
Data Management Plan
NIH Human Subjects Example
Department of Energy DMP Example
ICPSR Social Sciences, Education and Survey Data
NSF Policy on Data Archiving for Social, Behavior, and Economic Sciences
Data Management Plan Tools
DMPTool (open source DMP generator tool, no DoD templates but useful for general forms)
Things to Keep in Mind
If the data you are generating is sensitive you will most likely need data security protocols to be included in order to demonstrate you're maintaining the requisite level of security for the data. Depending on the sensitivity of your data this can affect where you keep your data and how you access it, as well as what needs to be done in order for you to analyze or share it (de-identifying, setting up a secure file transfer site, setting up applications and protocols for sharing data, etc). This can include details on physical security of the data (building security, room security, file cabinet security, etc), virtual security (encryption on the hard drives, restricted network access, password strength and change frequency requirements, etc), and other details like staff non disclosure agreements, how the data is analyzed, if data can be backed up, how data must be securely destroyed if it is no longer in use, etc.