Best Practices for Data Analysis of Confidential Data

While secure storage media protect data when it is not being analyzed, it is just as important to follow practices that keep data secure while it is being analyzed. Secure storage is only one aspect of a larger set of behaviors and habits that matter when handling research data that must be kept confidential. Ultimately, the researcher is responsible for the appropriate use and storage of their research data.

  1. STORE PAPER FORMS SECURELY:  Much like electronic data, paper documents such as consent forms, printouts, or case tracking sheets that contain personally identifiable information (PII) must be stored securely in locked file cabinets when not in use and must be handled only by trained staff members when actively used during research. With consent forms in particular, it is important to remember that physical separation of the form from the subject's data is not sufficient. The researcher's assurance of confidentiality extends to the consent form: because it documents participation in the study, it must be treated as a confidential document in its own right.
     
  2. USE SECURE STORAGE FOR DETACHABLE MEDIA:  Confidential data stored on transportable media such as CDs, DVDs, flash memory devices, or portable external drives must be stored securely in a safe or locked file cabinet and handled only by authorized staff members. Because such media are easily lost or stolen, the data on them should also be encrypted wherever the device supports it.
     
  3. PROTECT PASSWORDS: Secure data storage depends on the creation and use of passwords that are needed to gain access to data records. The best storage and encryption technologies can be easily undone by poor password practices. Passwords should be long, hard to guess, not reused from other accounts, and protected as carefully as the confidential data itself. They should never be shared or left on slips of paper at work stations or desks; a password manager is the appropriate place to keep them. Princeton University's OIT is an excellent resource for information on creating and managing passwords.
     
  4. TRAIN AND MONITOR RESEARCH ASSISTANTS:  Research assistants who work with confidential data should understand and follow all of the basic data security practices outlined in this section. This begins with human subject research training, which may be completed online at: Human Research/training. Research assistants and other project staff must be acquainted with the procedures and practices described in these guidelines. Principal investigators are directly responsible for training and monitoring project staff and researchers who work with confidential data. Researchers are encouraged to contact the Office of Research Integrity and Assurance should they have questions about training.
     
  5. RESTRICT USE OF SHARED ACCOUNTS OR GROUP LOGIN IDs:  Anyone who works with confidential electronic data should identify themselves individually when they log on to the PC or laptop computer that gives them access to the data. Use of group login IDs violates this principle: it makes access to the data impossible to attribute to a person, and a departing member's access cannot be revoked without changing the password for everyone. Project managers must make certain that everyone working with confidential data has a unique login ID and password that personally identifies them before they can access the data. For any student or employee working on a Princeton computer, this will be the LDAP login ID and password that person was assigned at matriculation or initial employment. OIT provides information on requesting LDAP login IDs and passwords for temporary employees or consultants.
     
  6. KEEP USER GROUP LISTS UP-TO-DATE:  User groups are a convenient way to grant access to project files stored on a remote server, and they simplify the granting and revoking of access to a research project's electronic data resources. By granting access privileges for each of the research project's electronic folders to the group as a whole, newly authorized members of the project team obtain access to all related electronic data resources simply by being added to the group, and when an individual is no longer a part of the project team, removing his or her ID revokes access to all of those resources at once. But remember that group members can access resources on any Princeton computer to which the group has access, not just the computers used in your work area, so a stale group entry is a stale entry everywhere. Group membership lists should be reviewed regularly against the current project roster and, when project staff complete their work or leave the project, the user group administrator should update the user group list so that persons no longer working on the project cannot access any shared resources.
     
  7. AVOID USING NON-DeSC PCs OR LAPTOPS FOR COLLECTION OR STORAGE OF CONFIDENTIAL RESEARCH DATA: The Desktop Systems Council (DeSC) oversees the use and maintenance of computers participating in the managed environments that make up the DeSC Program. The scope of the Council's activities is to advise the university on standards for the managed computing platforms for institutionally owned computers. Computers outside of the DeSC system may lack the adequate firewalls, virus protection, patching, and disk encryption that help protect confidential research data from being stolen. Computers that are part of the University's DeSC system are kept up to date and are configured to keep PCs, laptops and their contents protected from theft or unauthorized use.
     
  8. ACTIVATE LOCK OUT FUNCTIONS FOR SCREEN SAVERS:  Computers used for data analysis should be configured to lock the screen, requiring the user's password to resume, after at most 20 minutes of inactivity. This reduces the risk of theft or unauthorized use of data in situations where a user working with confidential data leaves his or her desk and forgets to log off the PC. The automatic lock is a backstop, not a substitute for locking the screen manually (Windows key + L on a Windows PC) whenever you step away. OIT provides instructions on how to configure the automatic lock out feature for Windows PCs.
     
  9. USE SECURE METHODS OF FILE TRANSFER: Transfer of confidential data files between users or between institutions has the potential to result in unintended disclosure. File transfers are often the weakest part of any plan for keeping research data secure. The method used to transfer files should reflect the sensitivity level of the data. Research files with PII or other confidential information should always be compressed and encrypted before they are transferred from one location to another. This is especially important when transferring files as attachments to email or as files on physical media such as CDs or flash memory drives. File compression minimizes the chances of your file transfer failing because your file is too large, and should be done before encryption, since encrypted data does not compress. Encryption ensures that your compressed file cannot be read by anyone who does not have the password that was created when the file was compressed and encrypted, provided the password is strong and is given to the recipient through a separate channel (by phone, never in the same email as the attachment). Use a tool that applies modern encryption, such as 7-Zip with AES-256 or GnuPG; the legacy "password" option in the ZIP format (ZipCrypto) is weak and should not be relied on. Other secure and convenient methods of file transfer include SharePoint and University-supported Google Drive.
     
  10. USE EFFECTIVE METHODS OF DATA DESTRUCTION:  When requesting IRB review for their planned studies, researchers must create a plan for the ultimate disposition of their research data. This plan specifies what will be done with the data once the objectives of the project are completed. In many cases, researchers will produce various types of reports or papers for publication, as well as a de-identified data file for use by other researchers or the general public. If your research plan calls for destruction of documents or electronic files after the project has been completed, all paper files and CDs with PII should be shredded, and any electronic files on memory drives, PCs, laptops and file servers should be permanently deleted. Note that moving a file to the trash or recycle bin, or even emptying it, only removes the directory entry; the data remain on the disk until overwritten. Use a tool that overwrites the file before removing it (for example, the shred utility on Linux), and for flash memory and solid-state drives, where overwriting cannot be relied on, use full-disk encryption and destroy the key, or physically destroy the device. In general, regulation requires that all raw data be kept for a minimum of 3 years after study completion. If the research plan includes long term retention of PII (in paper or electronic form), then all data files should be stored securely in a safe or locked file cabinets in a secure building. Undergraduate students should typically store their research data in the office of their faculty advisor.
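The regular membership review called for in item 6 is easy to automate. The following is an added example, not part of these guidelines or of any Princeton tooling: it compares the members of a project group, as exported from each server the group exists on, against the principal investigator's roster of authorized staff, and reports who must be removed on each host. The host names, the group name `projdata`, the login IDs and the end dates are all constructed for the example.

```python
"""Audit a project's access group, per server, against the staff roster."""
from datetime import date

# Constructed sample: the line `getent group projdata` returns on each
# server the group is defined on.  The same group grants access everywhere,
# so every host must be checked, not just the ones in your work area.
GROUP_EXPORTS = {
    "fileserver1": "projdata:x:1042:alice,bob,carol,dave",
    "fileserver2": "projdata:x:1042:alice,bob,carol,dave,erin",
    "analysis-box": "projdata:x:1042:alice,carol",
}

# Constructed roster kept by the PI: login ID -> ISO date on which the
# person's authorization ends, or None if ongoing.  'dave' has left the
# project; 'erin' was never authorized at all.
ROSTER = {
    "alice": None,
    "bob": "2025-12-31",
    "carol": None,
    "dave": "2024-06-30",
}


def parse_group_line(line):
    """Return (group_name, set_of_members) from one /etc/group style line."""
    name, _passwd, _gid, members = line.strip().split(":", 3)
    return name, {m for m in members.split(",") if m}


def authorized_on(roster, today_iso):
    """Login IDs whose authorization is still valid on the given date."""
    today = date.fromisoformat(today_iso)
    return {
        uid for uid, end in roster.items()
        if end is None or date.fromisoformat(end) >= today
    }


def audit(group_exports, roster, today_iso):
    """Return {host: {"stale": set, "missing": set}}.

    stale   = IDs in the group that are not (or no longer) authorized
    missing = authorized IDs absent from the group on that host
    """
    allowed = authorized_on(roster, today_iso)
    report = {}
    for host, line in group_exports.items():
        _name, members = parse_group_line(line)
        report[host] = {"stale": members - allowed, "missing": allowed - members}
    return report


if __name__ == "__main__":
    for host, r in audit(GROUP_EXPORTS, ROSTER, "2025-01-15").items():
        print(f"{host}: remove {sorted(r['stale'])}, "
              f"not yet granted {sorted(r['missing'])}")
```

Run against a real environment, the group lines would come from `getent group <name>` on each server; the point of keeping the roster with end dates is that the review becomes a diff rather than a memory exercise, and the "stale" set is exactly the list the group administrator has to act on.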
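Item 9 says to compress and then encrypt a file under a password before transferring it. The following added example, which is not part of these guidelines, shows the pieces a proper transfer tool provides and why each matters: a salted, slow key derivation from the password, a fresh nonce, compression before encryption, and an authentication tag that is checked before anything is decrypted, so a wrong password or a package altered in transit is rejected outright rather than yielding garbage. To keep it runnable with only Python's standard library, the cipher is HMAC-SHA256 in counter mode with encrypt-then-MAC; that construction is an illustrative stand-in, and in practice you should use a vetted tool (7-Zip AES-256, GnuPG, or age) rather than this code. The `XFER1` format marker and the sample records are constructed for the example.

```python
"""Compress, then encrypt and authenticate a file for transfer; verify and
unpack it at the receiving end."""
import hashlib
import hmac
import os
import struct
import zlib

MAGIC = b"XFER1"       # format marker (assumption of this example)
ITERATIONS = 600_000   # PBKDF2 work factor: makes password guessing slow
SALT_LEN = 16
NONCE_LEN = 16
TAG_LEN = 32           # HMAC-SHA256

# Constructed sample record file containing PII.
SAMPLE_RECORDS = (
    b"subject_id,name,dob,zip\n"
    b"S001,Jane Roe,1980-02-14,08540\n"
    b"S002,John Doe,1975-11-30,08542\n"
)


def _derive_keys(password, salt):
    """Stretch the password into separate encryption and MAC keys."""
    km = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                             ITERATIONS, dklen=64)
    return km[:32], km[32:]


def _keystream_xor(key, nonce, data):
    """Stream cipher from HMAC-SHA256 in counter mode (illustrative
    stand-in for AES-GCM / ChaCha20-Poly1305 from a vetted library)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + struct.pack(">Q", i // 32), "sha256").digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def seal(plaintext, password):
    """Return MAGIC || salt || nonce || ciphertext || tag.
    Compress first: ciphertext is indistinguishable from random and will
    not compress afterwards."""
    salt, nonce = os.urandom(SALT_LEN), os.urandom(NONCE_LEN)
    k_enc, k_mac = _derive_keys(password, salt)
    body = _keystream_xor(k_enc, nonce, zlib.compress(plaintext, 9))
    header = MAGIC + salt + nonce
    tag = hmac.new(k_mac, header + body, "sha256").digest()  # encrypt-then-MAC
    return header + body + tag


def open_package(package, password):
    """Verify the tag first, in constant time; only then decrypt and inflate."""
    hdr_len = len(MAGIC) + SALT_LEN + NONCE_LEN
    if len(package) < hdr_len + TAG_LEN or not package.startswith(MAGIC):
        raise ValueError("not a transfer package")
    header, body, tag = package[:hdr_len], package[hdr_len:-TAG_LEN], package[-TAG_LEN:]
    salt = header[len(MAGIC):len(MAGIC) + SALT_LEN]
    nonce = header[len(MAGIC) + SALT_LEN:]
    k_enc, k_mac = _derive_keys(password, salt)
    expected = hmac.new(k_mac, header + body, "sha256").digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("wrong password or package was modified")
    return zlib.decompress(_keystream_xor(k_enc, nonce, body))


def rejects(package, password):
    """True if the package fails authentication under this password."""
    try:
        open_package(package, password)
    except ValueError:
        return True
    return False


def tamper(package, offset):
    """Flip one bit at `offset`, simulating corruption or tampering in transit."""
    b = bytearray(package)
    b[offset] ^= 0x01
    return bytes(b)


if __name__ == "__main__":
    pw = "told-to-the-recipient-by-phone"   # never in the same e-mail
    pkg = seal(SAMPLE_RECORDS, pw)
    print("plaintext visible in package:", b"Jane Roe" in pkg)
    print("round trip ok:", open_package(pkg, pw) == SAMPLE_RECORDS)
    print("wrong password rejected:", rejects(pkg, "wrong"))
    print("tampered package rejected:", rejects(tamper(pkg, 40), pw))
```

Two details carry over directly to whatever real tool you use: the salt and nonce are generated fresh per package and travel with it, so the same password can be reused across packages without the ciphertexts leaking anything about each other, and the tag covers the header as well as the body, so an attacker cannot swap in a different salt or nonce unnoticed.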
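Item 10 requires that electronic files with PII be permanently deleted, which an ordinary delete does not do. The following added example, not part of these guidelines, overwrites a file's contents (random data, then zeros), forces each pass to disk, and only then unlinks it, which is what utilities such as shred do. The caveat from the text applies to this code just as much: on flash drives, SSDs, and copy-on-write or journaling filesystems the overwritten blocks may not be the blocks that held the original data, so for those media rely on full-disk encryption plus key destruction, or physical destruction. The sample records are constructed; the file is created in the system temporary directory.

```python
"""Overwrite a file in place before unlinking it."""
import os
import tempfile

# Constructed sample record file containing PII (repeated to span chunks).
SAMPLE = b"subject_id,name,dob\nS001,Jane Roe,1980-02-14\n" * 2000
CHUNK = 1 << 16


def write_sample_file():
    """Create a temporary file holding the constructed records; return its path."""
    fd, path = tempfile.mkstemp(prefix="subjects-", suffix=".csv")
    with os.fdopen(fd, "wb") as f:
        f.write(SAMPLE)
    return path


def overwrite_contents(path, passes=3):
    """Overwrite the whole file in place: random data on every pass but the
    last, zeros on the last, each pass forced to disk with fsync.
    Returns the number of bytes overwritten per pass."""
    size = os.path.getsize(path)
    with open(path, "r+b", buffering=0) as f:        # unbuffered, in place
        for pass_no in range(passes):
            zero_pass = pass_no == passes - 1
            f.seek(0)
            left = size
            while left:
                n = min(left, CHUNK)
                f.write(b"\x00" * n if zero_pass else os.urandom(n))
                left -= n
            f.flush()
            os.fsync(f.fileno())
    return size


def read_back(path):
    """Current on-disk contents of the file, or None once it no longer exists."""
    if not os.path.exists(path):
        return None
    with open(path, "rb") as f:
        return f.read()


def securely_delete(path, passes=3):
    """Overwrite, unlink, then sync the directory so the unlink itself is
    durable. Returns the number of bytes overwritten."""
    size = overwrite_contents(path, passes)
    os.remove(path)
    if os.name == "posix":                            # directory fsync is POSIX-only
        dfd = os.open(os.path.dirname(path) or ".", os.O_RDONLY)
        try:
            os.fsync(dfd)
        finally:
            os.close(dfd)
    return size


if __name__ == "__main__":
    p = write_sample_file()
    overwrite_contents(p)
    print("bytes after overwrite are all zero:", read_back(p) == b"\x00" * len(SAMPLE))
    securely_delete(p)
    print("file still present:", read_back(p) is not None)
```

Note what the function does not do: it does not touch copies of the records that may exist elsewhere (editor backups, analysis-software temporary files, cloud-sync caches, earlier versions on a file server's snapshots), so a destruction plan has to list where the data were ever written, not just the final file.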