Connect with us online
Link to IU Libraries Facebook Link to libraries YouTube channel Link to IU Libraries Twitter Link to flickr photostream Links to libraries rss Link to IU Bloomington podcasts on IU Podcast Portal
Contact Information
last updated: 6/12/2013

Sensitive Data

Data can be considered “sensitive” for many reasons. Human subjects research is often restricted to protect study participants; medical data may be subject to laws such as HIPAA; and research critical to national security might fall under Export Control laws. Below, we provide resources to help manage sensitive data.

General Resources

Human Subjects Data

Storing Sensitive Data

A full list of HIPAA-aligned (and therefore considered reliably secure storage for many other types of sensitive data) UITS technologies can be found on the Knowledge Base. See also Section 2.10 (pp. 53) of the SOPs for Research Involving Human Subjects.

Limiting Access to Sensitive Data

Generally, administrative and physical safeguards are the best means of limiting access to sensitive data. Carefully selecting who has the rights to access data and training those who do have access are good basic ways to set administrative safeguards. Physical safeguards such as locked storage and access tracking for physical spaces are important to consider when dealing with physical samples or other kinds of analog data. For more information, consult the IU SOPs for Research Involving Human Subjects (pp. 51-52).

Informed Consent and Data Sharing

Sensitive data may be shared in certain cases, most notably when it has been de-identified or when subjects have given approval to share their data by way of Informed Consent. Note that such sharing must conform to IRB guidelines. Contact the IRB for more information.

Data Subject to Export Control

The export control regulations are designed to prevent the proliferation of technologies that are "dual use" i.e., those that may be used for both civilian and military/terrorism purposes. Research can sometimes fall under these restrictions. As export control regulations are complicated, the university urges you to contact the Office of Research Administration if you have any questions or concerns.

last updated: 6/12/2013