Editorial offices will keep a database(s) of user details. This might be a simple list of potential reviewers or part of the data stored on an electronic editorial office system. Such databases might be used to store author details or to assist selection of reviewers or for other purposes. Whatever the purpose of the database, it stores personal information and will therefore be subject to data protection law.
Personal data is information regarding a living individual who can be identified directly or indirectly by that information. This includes names and contact details. All such personal data comes under data protection legislation.
When considering what information to collect and store, it is important to consider how the information will be used. For example, when collecting author information, which may be printed in the journal, it is important to ensure the author affiliation and contact details are accurate; when collecting review information, the area of expertise is probably of greater importance.
Check that the following details are correct:
As your database is likely to contain many entries, it is useful to have ways of clustering users together. For example, it is useful to mark all members of the editorial board so that they are easily identified.
It is important to maintain data integrity. Potential issues include duplicate records and expired data.
It is good practice to regularly check for duplicate records. Before merging two accounts it is important to check that they are the same individual, not two distinct individuals of the same name - this can be checked by comparing other information (middle name, location, etc.). When merging accounts, make sure you preserve the most up-to-date information.
Expired data is less easy to check for. If a specific field, such as editorial role, is changed then a report could be run to identify which users are affected by the change. If individual data is changed then it is not possible to check - you may only become aware of it when alerted by another user.