Security of data and related materials are integral to quality research, even when there are no concerns of sensitive data disclosure.
Fortunately, there are basic measures all researchers can take to keep data safe during work.
Secure your Data, a web guide from UH Information Technology, provides informative content devoted to considerations, tools, and best practices for data security.
These include:
Firewalls and network security
Encryption
Password protection
To speak with IT Security regarding your research project, call (832) 842-4695 or email security@uh.edu. General information is available on the IT Security website.
The Research Integrity and Oversight (RIO) Office within the UH Division of Research supports the UH research community in all areas of compliance pertaining to federal regulations, including that of sensitive data. We work in close collaboration with the RIO to assist researchers with their needs in managing these data effectively.
Sensitive Data is an umbrella term for data that is governed by policies including:
HIPAA - Health Insurance Portability and Accountability Act - The data contains Protected Health Information or PHI
FERPA - Family Educational Rights and Privacy Act - The data contains student education records
PII - Personally Identifiable Information - The data contains information that can be used to distinguish or trace an individual’s identity.
Data containing trade secrets or intellectual property
Locations of assets and protected resources
Researchers must adhere to UH policy on Data Classification and Protection. Sensitive Data must remain within the UH network and accessed remotely using the secure network VPN.
When sharing with external colleagues, data must be securely transferred using encryption measures as is detailed in the policy discussed on the next tab.
The purpose of this policy is to direct information owners and information custodians in the assessment of information and information systems to determine the appropriate data classification level, which then prescribes the necessary security measures which must be in place.
Access the UH Data Classification and Protection Policy.