The legal definition of sensitive data includes: the personal data that is revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data and biometric data that is processed solely to identify a human being, health-related data, and data concerning a person’s sex life or sexual orientation.
The most pertinent component of all ethical research is to ensure participant privacy. Thus, the utmost care must be taken to ensure that no information or data can be used to identify or attributed to them from either qualitative or quantitative studies. Participants can therefore be assured of this by detailing how their data will anonymised and pseudonymised. Information and data which is being reported, that is neither anonymised nor pseudonymised, requires the explicit informed consent of the participants. Finally, all research conducted in the EU must adhere to General Data Protection Regulation (GDPR) legislation.
See also CORE Ethical Compass.