Skip to main content

Research Data Stewardship

Research Data Contacts

Jeanne Hughes
jmhughes@northwestern.edu
Assistant Dean
(847) 491-5549

Mike Hannen
mhannen@northwestern.edu
IT Director
(847) 467-3833

Guidelines

Research data must be managed according to the Northwestern University policies regarding Research Data: Ownership, Retention and Access (pdf) and Data Encryption. SESP investigators and research personnel are expected to meet their obligations as stewards of research data.

SESP has established the following guidelines for all investigators and research personnel when handling sensitive data. SESP classifies research data as sensitive if it involves human subject data or data which is defined as Legally/Contractually Restricted Information by the Data Access policy.

  • All sensitive data should have a defined repository in an institutionally sponsored service. All computing devices used to assess sensitive data must be encrypted and institutionally managed.
  • Access to a data repository containing sensitive data must be restricted to documented team members, must require the authentication of a verifiable organizational identification, and must be granted at the least level of privilege required to support assigned responsibilities.
  • Access permissions to a data repository containing sensitive data should be affirmed on a schedule appropriate for the size and variability of the team requiring access to the data.
  • Human subjects research studies collecting personally identifiable information or legally/contractually restricted information are required to have a documented security plan approved by the Northwestern Institutional Review Board (IRB).

If any modifications are required to your current data management practices, SESP IT staff will work with you to develop a corrective plan to ensure all research data is protected and stored according to University policy.