Educause Security Discussion mailing list archives
Re: research data security
From: Chris Kidd <chris.kidd () UTAH EDU>
Date: Wed, 4 Nov 2009 13:14:38 -0700
Steve, We are embarking on a similar effort with the IRB, but are also pulling in the Office of Sponsored Projects. We're using the HI Trust Alliance Common Security Framework (anyone else using that?) with Archer. Our initial thoughts are that the inherent/residual risk questionnaires would become a part of the research and grant application processes. Let me know what you come up with. Chris Chris Kidd Chief Information Security and Privacy Officer The University of Utah 650 Komas Drive, Suite 102 Salt Lake City, UT 84108 Office: 801.587.9241 Cell: 801.747.9028 chris.kidd () utah edu http://www.secureit.utah.edu -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Steve Brukbacher Sent: Wednesday, November 04, 2009 1:06 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] research data security Hi, I'm working on my strategy for working with our researchers. We are beginning to work more formally with researchers as part of the IRB process. The variety of their work is great. Everything from one on one interviews going into an access database all the way to much larger web-based survey instruments that will need to handle PHI. What I'm wondering is how are other institutions handling these situations? Do you do a risk assessment/security planning engagement with each of them? Is it left up to departmental IT staff? Any tips for managing the workload on these? Anyone have checklists that have been useful in getting the basics taken care of? -- Steve Brukbacher, CISSP University of Wisconsin Milwaukee Information Security Architect UWM Computer Security Web Site www.security.uwm.edu Phone: 414.229.2224
Current thread:
- research data security Steve Brukbacher (Nov 04)
- <Possible follow-ups>
- Re: research data security Chris Kidd (Nov 04)
- Re: research data security Steve Brukbacher (Nov 04)
- Re: research data security Scott Bradner (Nov 04)
- Re: research data security Faith Mcgrath (Nov 04)
- Re: research data security Steve Brukbacher (Nov 05)