Securing Research Data

In general, data that are considered of low and intermediate sensitivity can be secured by investigators with minimal training.  Plans to acquire data that are considered of high or very high sensitivity must be developed in collaboration with the college IT Director or designee.

​Level

Sensitivity of Data

​Examples

Security Controls

​0Low - Public
​De-identified or anonymized data (1)
​Password-protected documents and files (2) Locked file cabinets and offices
​1 Intermediate -​Protected ​ Identifiable data Ad(surveys, field notes), which if disclosed would NOT put subjects at great risk.  ​Encrypted files (3) and flash drives (4)
​2 High - Restricted

​Extremely sensitive data such as medical records with identifiers (HIPAA regulated) and student records with identifiers (FERPA regulated)

​Same as Level 1 but verified by college IT Director or designee;  Encrypted laptops or workstations.  Please contact your local IT for assistance or submit a ticket here.
​3

Very High - Highly Restricted

​Research records with identifiers of self-disclosed criminal activity or mental health issues. ​Same as Level 2 with additional precautions as determined by college IT Director or designee.  Please contact your local IT for assistance or submit a ticket here.   Also consider a Certificate of Confidentiality, if appropriate. 


Notes

  1. Link to article describing de-identified and anonymized data  
  2. Notes/reference to article on password strength
  3. MS Word and MS Excel offer very good encryption (hyperlink to reference); consult your college IT Director for advice on encrypting files in other formats. 
  4. Learn how you can encrypt your Removable media and USB flash drives 
  5. Should be done by qualified IT personnel.
  6. Consult college IT Director below.  If you are unsure who to contact, please contact Ben Andera.

Key Technical Resources:

Ben Andera - Executive Director Academic and Research Computing

Mark Herron - Chief Information Security Officer

Kurt Smith - Assistant Dean Healthcare IT

Tim Gramza - Director of IT CHSBS

Mel Taylor - Director of IT CSE

Stan Pope - Director of IT CBA

Mike Reuter - Director of IT CEHS and CCFA