OVPR and HUIT are excited to announce that starting May 15th 2020, the University will be implementing a partial rollout of the updated Research Data Security Policy Guidance!
What do we mean by partial? Only certain requirements from the updated HRDSP Guidance will be effective in May, specifically:
- As part of their reviews, IRBs will begin assigning non-Sensitive/Sensitive determinations, as opposed to a specific Data Security Level (DSL). The content of the IRBs’ reviews will not change, just the specificity of their determinations. More info on CUHS here, more info on Longwood here.
- Related to the IRBs’ switch to a binary determination, information & school security officers (ISOs) will work with researchers to determine the applicable DSL. Researchers will submit a request for security review in the new Data Safety Application, and the request will automatically be routed to the cognizant ISO.
- All projects deemed “Sensitive” by the IRBs, and all research data that, based on HUIT guidance, appears to be DSL 3, 4 or 5, will be required to be submitted in the Safety Application for ISO review.
- Similarly, all data that is subject to a DUA will be required to be submitted in the Safety Application for ISO review (in addition to submitting a request in the Agreements-DUA Application).
Research Administration and Compliance Systems has done an amazing job developing a Summary of these reviews, and their website provides helpful guidance on using each of the Applications: Data Safety, ESTR-IRB and Agreements-DUAs!
Please note: The entirety of the updated HRDSP will go live July 15, 2020.
More guidance will be developed in the upcoming months, so stay tuned and stay healthy!