All people at IRP who will be working with sensitive data, as well as PIs of projects that supervise those working directly with the data, must undergo orientation before access to data is granted for a given project. Orientation is provided because it is essential to the security of data at IRP that users have a good understanding of both the Social Science Computing Cooperative (SSCC) Silo servers, and IRP security policies.
IRP Confidentiality and Data Security Agreement
All people at IRP who will be working with sensitive data, as well as PIs of projects that supervise those working directly with the data must sign the agreement, agreeing to the terms within. PIs are held responsible for ensuring each member of a project research team upholds the terms; violations jeopardize the access to data for entire research projects, not just for the individual employee.
IRP’s Confidentiality and Data Security Agreement contains the following general policies to which the signee agrees:
- No confidential data may be released to unauthorized persons.
- Research materials that contain confidential data must be safeguarded at all times.
- For confidential data stored on the Silo servers (or any other server) at SSCC, it is strictly prohibited to copy or download individual-level data to removable storage media or other external systems, including laptop, office, or home computers.
- Research materials that may potentially identify individuals cannot be left where they might be observed by others, so cannot be e-mailed or exposed to other insecure means of transport.
- Research is subject to a review period with the state agency(ies) that own the data before public release can be made. Research must include required disclaimer language.
Users of confidential data are also asked to indicate the name(s) of the project for which the data are being analyzed.
Use of data for a project not listed may result in termination of data access privileges.
Continue to SECTION II of the manual.