Access to Sensitive UIC Sponsored Research Data

Policy Number: RE-7000-003

Policy Title:  Access to Sensitive UIC Sponsored Research Data

Vice Chancellor/Associate Chancellor: Vice Chancellor for Research

Unit Responsible for Policy: Office of the Vice Chancellor for Research

Effective Date: 10/1/2024

Contacts: Office of the Vice Chancellor for Research, Office of Research in Computing and Data Initiatives

Policy Statement:

The purpose of this policy is to provide an overview of the expectations for those outside the university to obtain access to sensitive sponsored research data generated at or curated by the University of Illinois Chicago (UIC).

This policy shall apply to sponsored program project research data generated by UIC researchers that includes sensitive data and that is restricted for sharing through public repositories or other open research mechanisms.

Reason for Policy: Researchers are facing increased expectations of data sharing, which may include providing access to sensitive datasets. This policy establishes standard expectations and guidance for process development to facilitate external access.

University Responsibilities: As per the UIC Research Data Ownership and Stewardship Policy, research data generated at the University is owned by the University, with the faculty member(s) who collect or maintain data serving as the data steward(s). The University is expected to provide a process for external researchers to gain access to controlled or sensitive research datasets in concordance with the terms and conditions of data use in many sponsored project agreements. This process will be overseen by a committee established by the Vice Chancellor for Research (VCR).

Data Steward Responsibilities: The Data Steward, as defined by the UIC Research Data Ownership and Stewardship Policy, shall serve as the primary contact for data sharing requests while the research project is active and shall respond in accordance with the terms and conditions of the sponsored project agreement.

At the conclusion of the project, if the Data Steward is unable or unwilling to continue to serve as the primary contact for data sharing requests, they shall defer to the committee overseen by the Vice Chancellor for Research.

Where the committee approves a data sharing request from an external party, the Data Steward or Unit will provide necessary assistance to complete the request.

Minority Impact Statement: The policy does not have any disproportionate or unique impact on UIC’s minority students, staff, or faculty.

Who Should Read the Policy:  All University employees (faculty and staff), students and other trainees and any other persons involved in the conduct of research.

Definitions:

  • Research Data: Research data are defined as recorded factual material, regardless of format, commonly accepted in the research community as necessary to validate and replicate research findings, regardless of whether the data have been used in scholarly publications. Data may include both primary data, gathered or acquired under the auspices of the University, or secondary data, that may be owned or generated by another party or for other purposes, but is used in whole or part for research conducted at the University.
  • University: There are many stakeholders in the facilitation of research data management and preservation at the University. The units of the Office of the Vice Chancellor for Research that may be involved are the Office of Sponsored Programs, the Office for the Protection of Research Subjects, the Research Data Initiatives and Information Office, the Office of Animal Care and Institutional Biosafety, the Export Controls Office and the Research Resources Center. Additional University collaborators include the University Library, the Advanced Cyberinfrastructure for Education and Research Unit of Technology Solutions, UI Health, and TBD.
  • Data Steward: In most instances the Data Steward will be the primary investigator(s) or a faculty member(s), who shall maintain oversight and responsibility of the research data through the data lifetime and its archival process in accordance with this policy. The Data Steward is the person responsible for the collection, management, retention and, where appropriate, destruction of research data as the custodian for the University. If a student or other trainee is designated as the primary investigator, the faculty mentor shall serve as the Data Steward.
  • Sensitive Data: Sensitive data are defined as data, for which the compromise of confidentiality, integrity and/or availability could create an adverse effect on a research subject or the University. Sensitive data may take many forms. Examples may include but are not limited to: health information, financial information, cultural practices, anthropological sites or endangered wildlife locations, or risky behaviors. While some of these data are legally protected, such as data that falls under the Health Information Portability Accountability Act (HIPAA), the Illinois Personal Information and Privacy Law (PIPL), the Family Educational Rights and Privacy Act (FERPA), the EU General Data Protection Regulation (GDPR), the Chinese Personal Information Protection Law (PIPL) or export controls, other types of data that may need to be protected beyond the boundaries of legal restriction, such as for ethical considerations or cultural protection. While the federal government has several definitions of sensitive data, this definition was created to more expansively include all forms of data the university may create which need additional protection, including data governed by data use agreements for which sharing is permitted.

Procedures: Procedure for University-Provided Access to non-University Researchers for Controlled or Sensitive Data [TBD]

Forms: TBD

Related Laws, Regulations, Statutes, and Policies:

Document History:
Approved by: Committee on Policy, Chancellor
Approval date: October 1, 2024
Approved as: New Policy