Data Management Lesley A. Brown Director of Proposal Development.
-
Upload
trevor-powell -
Category
Documents
-
view
213 -
download
0
Transcript of Data Management Lesley A. Brown Director of Proposal Development.
Data Management
A Data Management Plan (DPM) outlines the procedures you will use to manage your data during your research and explains how you will share your data and research results after the completion of the research project.
Creating a Data Management Plan
• Review funding agency requirements. • Determine what type(s) of data will be
produced (e.g., quantitative, qualitative, sensitive).
• Determine metadata standards.• Determine protections for sensitive or
classified data.
Creating a Data Management Plan
• Determine what policies will govern data sharing and reuse.
• Determine how you will archive and preserve your data.
What is Metadata?
• Data about data.• Two types
– Structural: data about the containers of data.– Descriptive: individual instances or the data
content.• Metadata often includes information on the means
of creating the data, purpose of the data, creator or author of the data, location on the computer network, and standards.
NSF Data Management Plans
• Required since 2011 for all NSF research proposals.
• No more than 2 pages in length.• Describes how the proposal will conform to
NSF’s Data Sharing Policy.
NSF Data Management Plans
An NSF DMP should include:• Types of data to be produced (including samples,
physical collections, software).• Metadata standards to be used.• Policies for access and sharing (including provisions
for privacy/intellectual property where necessary).• Policies and provisions for re-use.• Plans for archiving and ensuring long-term
preservation.
NIH Data Sharing Policy
• Published in the NIH Guide on February 26, 2003.
• Data should be made as widely and freely available as possible while safeguarding the privacy of participants, and protecting confidential and proprietary data.
NIH Data Sharing Policy
NIH Policy on data sharing applies:• To the sharing of final research data for
research purposes.• To all types of research supported by NIH.• To applications seeking $500,000 or more in
direct costs in any year through grants, cooperative agreements or contracts.
NIH Data Sharing Plan
• An NIH Data Sharing Plan should include:• Schedule for data sharing.• Format of the final dataset.• Documentation to be provided.• Whether a data sharing agreement will be required.• Mode of data sharing (website, data archive, data
enclave).
What Is a Data Enclave?
• Provides a controlled, secure environment in which eligible researchers can perform analyses using restricted data resource.
• Datasets that can’t be distributed to the general public (e.g., because of participant confidentiality concerns, third-party licensing or use agreements that prohibit redistribution, or national security considerations)can be accessed through a data enclave.
Resources
• UNC Charlotte Atkins Library.• http://
guides.library.uncc.edu/datamanagement• Information on NEH, NSF and NIH policies. • Sample plans.• Link to DMP Tool at University of California
Curation Center.• Links to funder requirements and templates.
Resources
• University of Minnesota Libraries.• https://
www.lib.umn.edu/datamanagement/DMP• Full collection of data management
information, including examples in a variety of disciplines.
Research & Economic DevelopmentOffice of Grants and Contracts Administration
• Data Security• Presented by Debbie Bolick • September 24, 2015
Data Security
Data security• Means safeguarding data, from being lost,
modified, or unauthorized access
Monitoring• That responsible parties are compliant with
security plans
Termination• Disposition or Sanitization of Data
What type of Data is being protected?
• Defined personally identifiable information• Information that can be used to distinguish or track an individual’s identity such
as name, SSN, or biometric information
• Indirect identification
• using information in conjunction with other data elements to reasonably infer the identity of a respondent such as a combination of gender, race, date of birth, geographic indicators, or other descriptors
• Non-identifiable information • Tracking purposes
CIPSEA• Confidential Information Protection and Statistical Efficiency Act
of 2002 (CIPSEA), Implemented June 15, 2007
• Provides strong confidentiality protections for statistical information collections sponsored by or conducted by more than 70 Federal agencies
• Establishes uniform policy across Federal agencies
• Authorizes data sharing among specified agencies (Bureaus of Economic Analysis, Labor Statistics and Census) to include identifiable data
• CIPSEA data may only be used for statistical purposes
CIPSEA
• Penalties for non-compliance
• Class E felony with imprisonment of not more than five (5) years
• Fine of not more than $250,000
CIPSEA Implementation Guidance
• Harmonized principles and processes and set minimum standards
• Utilized best practices for handling
• Addressed intersection between CIPSEA and Privacy Act of 1974 for non-statistical uses
Authority
Federal agencies empowered to make determination about the sensitivity of their information used for statistical purposes under a pledge of confidentiality
Applies to local and state governments collecting data for federal agencies
Special procedures required for use of laptop computers, PDAs, zip drives, floppy disks, CDROMs or any other IT devices
Minimum Standards• All persons with access understand his/her responsibility related to
maintaining confidentiality of information • Monitoring procedures for collection and release
• Evaluating the reason for and controlling access
• Maintaining physical and information systems security
• Required Training • Overview of protection procedures • Limit access to those with a “need to know” • Physical and information systems security procedures must be
in place• Penalties
311.9 Regulation Regarding Third Party Data Subject to Contractual Access
Data Security at UNC Charlotte pursuant to Policy 311.9Implemented February 2011
Policy for handling and safeguarding electronic third party data • Received from third parties • Subject to contractual access restrictions.
Ensures that adequate precautions are implemented prior to receiving such data• Maintain the security and confidentiality of covered data; and • Protect against the unauthorized access or use of such records
or information in ways that could violate the University’s agreements with third parties who supply such data.
Initiate Request for Data?
Data
Security
Officer)
• First Point of Contact• Data Security Plan• Checklist
University
Signatory
• Data Use Agreement• Document Repository• Submits to Agency
Data
Sponso
r
• Agency releases Data to PI
PI
PI
PI
DATA
Ongoing Monitoring
• College Data Security Officer
• Central IT
• Random audits
• Collaborative role
• PI (Lead Custodian) cannot be a student
• Authorizes Updates and monitor• Students• Research staff
• Signs Use Agreement
• System of Record
Signatory Unit
Responsible Party
Information Security
Internal Audit
DSO list
Data Security OfficersEffective April 2015
Charles Andrews ......Metropolitan Studies and Extended Academic ProgramsWilliam Ardern .........William States Lee College of EngineeringBrian Bard ................Student Health CenterTim Carmichael ........Belk College of BusinessAlex Chapin ..............College of Liberal Arts & SciencesRose Diaz .................College of Arts + ArchitectureDane Hughes ............College of EducationJoe Matesich .............College of Computing and InformaticsMichael Moore ...........College of Health and Human Service
ResourcesCollege Data Security Officers http://itservices.uncc.edu/home/it-policies-standards/data-security-officers
IT Policies & Standardshttp://itservices.uncc.edu/home/it-policies-standards
Security Awareness Traininghttp://itservices.uncc.edu/home/information-security/information-assurance/security-awareness-training
Human Subjects (IRB) http://research.uncc.edu/departments/office-research-compliance-orc/human-subjects
Checklist & Data Security Planhttp://research.uncc.edu/departments/office-research-compliance-orc/human-subjects/3rd-party-data-requirements