Skip to content Skip to main navigation Report an accessibility issue

HRPP Data Security

For further assistance with data management and storage please contact the Office of Information Technology for Research Computing Support​​​​​​​.

How do I get started?

The HRPP has worked with the Office of Information Technology (OIT) to identify suitable programs that protect research participant data. Maintaining data securely with the appropriate level of anonymity, confidentiality, or de-identification is a key component in determining the level of risk involved in study participation for participants.

Researchers who are working with identifiable data are expected to outline their data management and security procedures in detail in their iMedRIS application. Please be aware that different types of data will have different security requirements. The HRPP recommends that researchers use their university-provided data storage systems and software for their research. Please see the table for a list of approved software for collecting, transcribing, and storing data. The HRPP will consider approving the use of software programs that are not listed in this table, but researchers must provide us with information about the program’s data safety and security features for review.

Data Systems Approved Software
Data Storage
  • UTK OneDrive
  • Secure Enclave (for PHI)
  • Redcap
Data Sharing
  • UTK Vault
  • UTK OneDrive
Online Surveys
  • UTK Qualtrics Account
  • Redcap
Transcription Software
  • UTK Zoom Account
Video Recording Services
  • UTK Zoom Account (if collecting sensitive data, HRPP staff recommend that researchers ask OIT for a HIPAA Zoom account)
Study Recruitment Software
  • Amazon Mturk
  • SONA
  • Redcap
  • Research Match
  • Prolific
HRPP staff is willing to review other software upon request to ensure it meets the standards for privacy and confidentiality

Data Security

Data security is of utmost importance to the integrity of research.  There are two ways in which to secure your data.  If data is kept in a physical manner (i.e. lab notebook, paper surveys, etc.), then physical security is needed.  Examples of physical security include lockable filing cabinets to hold the physical copies of data.  If data is stored in an electronic manner (i.e. laptop, electronic database, cloud storage), then information security is needed.  Examples of information security include the use of encryption and/or the secure enclave.

Although these are best practices, some sponsors may require additional physical and information security practices dependent upon nature and sensitivity of the research and data.