In general, data that are considered of low and intermediate sensitivity can be secured by investigators with minimal training. Plans to acquire data that are considered of high or very high sensitivity must be developed in collaboration with the college IT Director or designee.
Sensitivity of Data
|0||Low - Public||De-identified or anonymized data (1)||Password-protected documents and files (2) Locked file cabinets and offices|
Identifiable data Ad(surveys, field notes), which if disclosed would NOT put subjects at great risk. ||
Encrypted files (3) and flash drives (4)|
High - Restricted|
data such as medical records with identifiers (HIPAA regulated) and student records with identifiers (FERPA regulated)
Same as Level 1 but verified by college IT Director or designee; Encrypted laptops or workstations. Please contact your local IT for assistance or submit a ticket here.|
Very High - Highly Restricted
Research records with identifiers of self-disclosed criminal activity or mental health issues.||
Same as Level 2 with additional precautions as determined by college IT Director or designee. Please contact your local IT for assistance or submit a ticket here. Also consider a Certificate of Confidentiality, if appropriate. |
- Link to article describing de-identified and anonymized data
- Notes/reference to article on password strength
- MS Word and MS Excel offer very good encryption (hyperlink to reference); consult your college IT Director for advice on encrypting files in other formats.
- Learn how you can encrypt your Removable media and USB flash drives
- Should be done by qualified IT personnel.
- Consult college IT Director below. If you are unsure who to contact, please contact Ben Andera.
Key Technical Resources:
Ben Andera - Executive Director Academic and Research Computing
Dr. Jerry Todd- Interim Chief Information Security Officer
Kurt Smith - Assistant Dean Healthcare IT
Tim Gramza - Director of IT CLASS and CBA
Mel Taylor - Director of IT CSE
Mike Reuter - Director of IT CEHS and CAM