Data Storage for Research Activities: Home
Introduction
The University of Utah has been working with various departments, including the Office of the Vice President for Research, the Center for High-Performance Computing (CHPC), Marriott Library, Eccles Health Sciences Library, UIT, and Bioinformatics to find solutions for storing research data, both during the research process and after research is conducted. This guide provides information on various storage options, including services such as REDCap and LabArchives, as well as cloud solutions from UIT, UBox, O365, and Ucloud, and group and archive storage space from CHPC—Research Computing Support for the University. This guide also includes essential information on data security, file and folder management, and planning for research data management.
Is it Restricted or Sensitive Research Data?
Restricted Data
- Has a high level of sensitivity
- Protection of data is required by federal or state law or regulation, or contractual obligation
- May be subject to data breach notification requirements
Examples:
- Protected Health Information (PHI)—i.e. HIPAA compliance
- Import/Export Rules
- Endangered species/habitat
Sensitive Data
- Has a moderate level of sensitivity
- Protection of data is required by the Data Steward or other confidentiality agreements.
Examples:
- Intellectual Property
- Designated Non-Public Academic Activity Information (DNPAAI)
- Employee and Student information, i.e. FERPA compliance
- Contracts
For additional information on restricted, sensitive and public data see Rule 4-004C Data Classification and Encryption Rev. 1
Guidance from the University Information Security Office (ISO)
ISO has a page on university-approved platforms for restricted and sensitive data, which they update as needed. This page is the University's "source of truth" for approved platforms and how they may be used.
Business Associate Agreement (BAA)
Research data should be stored within systems for which the University has a Business Associate Agreement (BAA). These agreements outline the permitted use, disclosure, and restrictions, and outline many safeguards required to protect the restricted information that may be shared with the business associate. If you have questions regarding whether a particular software has a Business Associate Agreement, please contact Milton Burbidge (milton.burbidge@hsc.utah.edu) in the Compliance Privacy Office at 801-587-9241.