Educause Security Discussion mailing list archives
data security policies for research data
From: "Youngquist, Jason R." <jryoungquist () CCIS EDU>
Date: Wed, 24 Nov 2010 08:14:47 -0600
About two months ago there was a news article where a researcher at the University of North Carolina at Chapel Hill had a server with confidential information for her research project get hacked. We have a committee for the Protection of Human Subjects, and while we require that all information should be kept confidential, I'm looking for some best practices from other schools, especially for student research data. For faculty, we can make a policy stating that all research information must be stored on their personal network space. For students, this becomes a bigger issue, because we have a main campus, ~35 remote campuses, and an on-line campus. For research being done by students how do you make sure their data is kept confidential? Do you require data to not include any personal identifying information such as first name/last name, to be stored on encrypted USB drives (is this provided by the college or does the student need to provide their own), provide loaner laptops that have whole disk encryption installed, etc? Thanks. Jason Youngquist Information Technology Security Engineer Technology Services Columbia College 1001 Rogers Street, Columbia, MO 65216 (573) 875-7334 jryoungquist () ccis edu http://www.ccis.edu
Current thread:
- data security policies for research data Youngquist, Jason R. (Nov 26)