Preparing your REF2021 – Commercial confidentiality and security clearance

REF2021 Impact Case Studies (ICS) are required to provide a clear and coherent narrative that includes an account of who or what audiences, constituencies, groups, organisations, places, publics, sectors and so on, have benefited, been influenced, or acted upon. In addition the sub-panels will expect the key claims made in the narrative to be supported by evidence and indicators. In some cases this might include confidential, commercially sensitive or security sensitive material.

All panel members, assessors, observers and the panel secretariat are bound by confidentiality arrangements which are available in the Panel Criteria and Working Methods document.

Following the REF2021 assessment, it is expected that all ICS (with the exception of those marked ‘not for publication’) will be published in a searchable database similar the REF2014 ICS database. Corroborating evidence will not be published.

For ICS containing confidential, commercially sensitive or security sensitive material, the following additional confidentiality provisions can be requested:

  • Providing a redacted version of the ICS for publication following REF2021 assessment;
  • Withholding the ICS from publication following REF2021 assessment;
  • Vetoing specific REF2021 panel member from reviewing the ICS;
  • Restricting review of the ICS to an individual with national level security clearance.

Arrangements for ICS that include confidential or commercially sensitive information

If your case study contains commercially confidential information you are invited to submit it marked as ‘not for publication‘ and to supply an additional version of the case study with the sensitive information redacted.  The redacted version will be included in the publication of REF2021 Impact Case Studies after the assessment process. The non-redacted version will be destroyed once it is not longer required for assessment purposes.

If your case study itself contains classified information, it should be marked ‘not for publication‘. Case studies marked ‘not for publication’ will be destroyed once no longer required for assessment purposes.

Below is more detailed information from the Guidance on Submissions document, paragraph 307.

The following arrangements are in place to enable institutions to submit case studies that include confidential information, with the agreement of the relevant organisation(s):

  1. All panel members, assessors, observers and the panel secretariat are bound by confidentiality arrangements. The current confidentiality and data security arrangements are included in the ‘Panel criteria’. Panel members’ obligations during the assessment phase will be expanded on, to include specific arrangements for their treatment of confidential or sensitive information in submissions. These expanded arrangements will be published in advance of the submission deadline of 31 March 2021.
  2. Where there are main or sub-panel members or assessors who HEIs believe would have a conflict of interest in assessing specific case studies, HEIs can identify these when making submissions, and the case studies will not be made available to such individuals.
  3. When making submissions, HEIs can identify specific case studies that either should not be published at all due to their confidential nature, or that should be redacted prior to publication. HEIs will need to provide redacted versions suitable for publication by 1 June 2021. Submitted case studies identified as ‘not for publication’ or the elements for ‘redaction’ will be destroyed by the REF team once no longer required for assessment purposes.
  4. To protect panel members from potentially inappropriate exposure to intellectual property, sub-panel chairs may identify specific panel members who should not have access to, or should have access only to the redacted versions of, specific case studies that include commercially sensitive information.

Arrangements for corroborating sources that include confidential or commercially sensitive information

Corroborating sources are uploaded and stored on the REF submission system separately from the impact case study template itself. There is no intention to make the content of corroborating sources publicly available following the assessment process.

In terms of commercially confidential material, note that all panel members are bound by a confidentiality agreement. Where there are particular panel members who have commercial (or other) conflicts of interest in assessing the case study or the corroborating evidence, you can identify these at the point of submission to ensure these panel members will have no access to your case study. 

Where any material within the corroborating evidence is classified, the evidence should not be submitted with the case study provided upfront but should be held the event of audit. Where this is the case, we will need to indicate on the submission system that the University is holding the information and will make it available on request for the purposes of audit.

Arranging assessment by individuals with national security vetting clearance

Please note that the deadline has now passed for arranging assessment by individuals with national security clearance.  We have already made successful applications for those case studies identified as requiring high level security clearance earlier in the process.

In addition to the general arrangements set out above, there may be specific instances where research has had impacts of a sensitive nature where the material to be included in a case study could only be made available for assessment to individuals with national security vetting clearance. This may relate to the underpinning research, the nature of the impact, or both.

The following arrangements apply, to enable the submission of such specific cases:

a. The submitting HEI must request advance permission from the REF director to submit such case studies, by providing outline information about the broad nature of the research and/or impact, the level of sensitivity of the intended material, and the level of clearance required of individuals to whom the full case study could be made available. There will be three staggered deadlines for requests in May, September and December 2019.

b. Permission will be granted to submit such case studies where the REF director considers, having consulted the relevant panel chairs, that:

i. the confidentiality arrangements outlined in the paragraph above are insufficient to enable the institution to submit the case study in the normal way for assessment by the panel and

ii. it is practicable to identify existing panellists or appoint additional assessors who have the appropriate clearance and expertise, and do not have direct conflicts of interest, to assess the material.

c. Where permission is granted, arrangements will be made for the HEI to make the case study available securely to the appropriate panel members/assessors. Only the outline information will be made available to the panel and no details about these case studies will be published.

d. HEIs should allow sufficient time for such case studies to go through the relevant organisation’s internal release processes.

Redaction and Security arrangements

Level Description Internal review prior to submission Evidence collection and storage REF2021 assessment arrangements Post REF2021 publication RMG Actions
Security Sensitive ICS ICS based on or containing security sensitive information in underpinning research, impact or evidence. To be marked as security sensitive.

Initial non-sensitive outline ICS for review by RMG only.

 

Full ICS to be reviewed only by those with relevant security clearance

All sensitive evidence to be collected by ICS author and stored and viewed only by those with relevant security clearance.

 

Non-sensitive evidence to be collected by ICS author and stored in Impact Tracker Evidence Vault.

Access to VV-IT project file restricted to project owner and system administrators.

To be assessed only by individual with national level security clearance. Not for publication RMG to notify REF Team ‘not for publication’ by 1 June 2021
Highly commercially sensitive ICS ICS containing commercially sensitive data or IP that may not be published To be marked as commercially sensitive.

Review by UOAC and RMG only.

 

Wider reviews restricted to relevant individuals with confidentiality agreement and aware of commercial sensitivities.

Evidence to be gathered by author and stored in Impact Tracker Evidence Vault.

Access to VV-IT project file restricted to project owner and system administrators.

SHU can identify specific panel members with conflicts of interest and veto access to ICS.

 

Otherwise all sub-panel members may assess the full ICS.

Not for publication RMG to notify REF Team:

– veto named panel members with conflicts by 29 January 2021

– ‘not for publication’ by 1 June 2021

 

ICS author to inform RMG of any panel member with conflict of interest who should not have access to ICS.

Commercially sensitive ICS ICS containing small amounts of commercially sensitive data or IP but the whole case study can be published with redaction. To be marked as commercially sensitive.

 

Reviews restricted to RMG and relevant individuals with confidentiality agreement and aware of commercial sensitivities.

Evidence to be gathered by author / project team and stored in Impact Tracker Evidence Vault.

 

SHU can identify specific panel members with conflicts of interest who will only have access to the redacted version of the ICS.

Otherwise all panel members may assess full ICS.

Redacted version published RMG to provide REF Team with redacted version of ICS by 1 June 2021
Standard ICS ICS containing no commercially sensitive material or IP Normal review processes. Evidence to be gathered by author / project team and stored in Impact Tracker Evidence Vault.

 

All panel members may assess the full ICS. Full version published Review all ICS for personal data and GDPR compliance


Full guidance on REF2021 confidentiality arrangements for Impact Case Studies is available in 2019/01 Guidance on Submissions, paras 307 – 308, and 2019/02 Panel Criteria and Working Methods, Part 4 Panel procedures and Annex E Confidentiality and information security agreement for REF2021 panels. Please note the revised arrangements in response to the effects of COVID-19 provided at the front of each of these documents.

 

 

Return to REF2021 ICS Contents.