Many ECU faculty, staff and students engage in research involving the collection and use of identifiable private information. Federal law and ECU Policy provide specific guidance for protecting personally identifiable information (PII). Specific information for researchers regarding university requirements for conducting research may be found within the Research and Graduate Studies Division.
Information contained on the research and graduate studies site is intended to provide guidance to researchers in protecting PII and other sensitive data that might be included in their research information.
Guidelines:
- Store the data on a secure server or Piratedrive folder rather than personal desktops or portable devices. ITCS-managed servers and Piratedrive have layered security and credentialed administrators for added security. Desktops and portable devices are at risk for theft and viruses.
- Do not store PII on home computers.
- Encrypt PHI or PII stored locally on your desktop or any portable device. Visit Device Encryption for more information.
- Encrypt the transmission of PHI or PII (email, file transfer to other agencies, CDs, etc.).
- Physically secure both electronic and paper files.
- Do not store backup copies of research data on unencrypted storage devices — flash drives, CDs, home PC, etc.
Resource Links:
ECU Guide for Storing and Transmitting Sensitive Data
SSN Use, Disclosure and/or Storage Request Form
National Science Foundation (NSF) Data Management Plan
National Institutes of Health (NIH) Privacy and Security
To learn more, see the Guidelines for Protecting Sensitive Data IT Help knowledge base article.