Data Management and Transparency
Many sponsors require Data Management Plans (DMPs) and impose minimum requirements for data retention. Failure to provide a sufficient DMP in your proposal may jeopardize your likelihood of receiving funding.
Additionally, journals increasingly require data sharing in accordance with FAIR (findable, accessible, interoperable, reusable) principles. Failing to share data may be grounds for retraction of the paper in which the results were published.
Confidential Data and Data Security
Human subjects research involves the collection or use of people’s identifiable private information. Federal and state laws and the University Research Data Security Policy provide specific guidance for protecting this identifiable information. Federal regulations (e.g., HIPAA, FERPA, and NIST SP 800-171), as well as state laws, identify specific types of student, patient, and other sensitive information that require extra security to prevent accidental disclosure or misuse. Institutional Review Boards (IRBs), in collaboration with Information Security, determine the security required. It is the responsibility of the Principal Investigator (PI) to comply with these security measures and usage restrictions.
Both externally-generated data being used and University-generated data shared with external collaborators must be exchanged, managed, and secured in accordance with a Data Use Agreement (DUA), or the ability to use the data may be revoked. DUAs are reviewed and negotiated by the authorized office. The PI is responsible for coordinating review by the School Information Security Officer and the relevant IRB.