|
Data Security
Annex to MOU with SETFIA
and SENTA: internal CSIRO data
security for SEF mapping project
Purpose
The purpose of this Annex is to set out how CSIRO Marine and Atmospheric Research
will arrange internal security for fishing industry data during
and after the 2-year term of the project. The key issues are to:
-
specify how the data will be protected during and after the
project, and
-
how to protect industry’s IP in regard to the contract
with FRDC .
Data types
The data types in question are derived from fishing industry information
on fishing locations and related observations recorded in track-plotters,
in personal logbooks and on paper charts. Data exist in electronic
form in GIS maps and database records, and in paper form as a series
of maps produced by CSIRO.
Security measures for data
The following security measures are in place:
-
every map printed as a paper copy is labeled with a code that
records the contributor (by code number not name), the type
of map, the area covered, the purpose of the map, and importantly,
the copy number (i.e. the number of copies in circulation, usually
1 or 2)
-
paper copies are stored at the CSIRO Marine Labs in Hobart
in a locked cabinet and locked office
-
every paper map copy is registered and tracked in the project
database
-
firewalls and passwords protect the two existing copies of
the electronic data (on the project computer and the backup
on the central server, both in the CSIRO Marine Labs in Hobart)
Access to data
Industry has agreed to provide their data on the understanding
that access to data is restricted to the project team and that release
of data or data products at various levels of resolution is contingent
upon approval by data contributors that own the data and/ or approval
by the industry associations (SETFIA and SENTA) according to a proforma
as laid out in the MOU.
Here we agree formally that:
-
during the project, access to data will be strictly limited
to the CSIRO members of the FRDC project team (Alan Williams,
Nic Bax and Bruce Barker)
-
at the end of the project, the contributors and Associations
will be formally approached to consider options for storage,
management and access to data. We anticipate that these data
will be a valuable source of information for industry and researchers
well beyond the life of the project.
-
the default arrangement will be that the master copy of the
industry data is lodged in a secure area of the CSIRO Marine and Atmospheric Research ‘data warehouse’ — but individual contributors
and/or the Associations can specify an alternative arrangement.
In the CSIRO data warehouse, access to data is available only
to individuals with a personalized access code that is provided
by the database administrator; access will remain restricted
to the project team.
-
these data security arrangements are guaranteed by the senior
manager of the project team, Dr Keith Sainsbury
-
changes to data access arrangements, such as the extension
of access rights beyond the project team, requires the written
approval of the relevant Association (SETFIA or SENTA) and Dr
Sainsbury’s authorization; delegation of Dr Sainsbury’s
authority requires the written approval of the relevant Association
(SETFIA or SENTA).
IP agreement with FRDC
The brief and unspecific wording in the IP section of the existing
contract will be reviewed and reworded, sent to the Associations
for comment, then forwarded to FRDC with a formal request to incorporate
it into the contract.
Signed on behalf of CSIRO Marine and Atmospheric Research.
|
