While ensuring the security of any research data is important, it is especially important when working with human subjects data. Protecting data collected from human subjects is critical, and the stewardship of such data is guided both by regulatory and ethical principles.
Princeton University’s Office of Research Integrity and Assurance (RIA) is the authority of record for human subject research data at Princeton, and provides guidance about data security on their website: https://ria.princeton.edu/research-data-security
Research data involving human subjects at Princeton are categorized into four categories. This categorization impacts how the data should be treated during collection, analysis, publication, and storage and so it’s important to correctly categorize your data as early as possible.
You can find a full summary table of research data categories provided by the RIA office here, but here is a quick summary:
Does Not Contain Personal Identifying Information (PII)
- Information that contains neither personal identifiers nor enough specific data to allow inference of subject identities, such as de-identified data from a survey or experiment
Contains Personal Identifying Information (PII)
- Sensitivity Level 1: Benign information about individually identifiable people
- Examples include: Data from a survey about reading habits; Data from an experiment on pattern recognition
- Sensitivity Level 2: Sensitive information about individually identifiable people
- Examples include: Data on employment history, personal relationships; Data from an experiment on racial attitudes
- Sensitivity Level 3: Very sensitive information about individually identifiable people
- Examples include: Data on sexual behavior, illegal drug use, criminal behavior, or crime victimization; Data from medical and mental health records
For help categorizing your data, contact: IRB@princeton.edu
For help finding active data and storage infrastructure that’s appropriate for your data, contact: