Skip to main content

Office of Information Technology

Institutional Review Board Security & Privacy Checklist

Laptop Icon

Storing data on a laptop, desktop, or USB drive?

  1. Where possible, obfuscate or avoid using any personally identifiable information.
  2. Password protect any document related to your research as an added defense layer. Please see the online Microsoft Word password protection instructions.
  3. Use caution, if connecting to the Internet via a public wireless service such as an "Internet Café" or "Hotel" service to upload documents to your "private e-mail." Cyber criminals often monitor and intercept unprotected wireless traffic.

    How do you protect yourself?
    • Ensure that the web page you are typing your login credentials (username and password) into uses SSL (secure socket layers). You will know this by looking at the web page address. It should begin with https:// and several browsers, for example Internet Explorer, illustrate that a web page uses SSL by adding an icon of a locked lock at the end of the web page address field.

    • Consider changing your password more frequently than you normally would to protect your e-mail access should a cyber criminal discover your credentials, when you figure it out your credentials have been exposed (if you do), it will be too late.

    • Remember to create strong passwords. Combine mixed case and a symbol or two and make the password as long as possible at least 8 characters. Avoid using words found in any language found in any dictionary.
  4. Consider using encryption to protect your data on your system from prying eyes.

    What is encryption? Read this FAQ.
    • Personal computer? One encryption product that is free and used by many security professionals is a product called TrueCrypt available for download at
    • University issued computer? Should already be encrypted using the University's licensed product, PGP. If your University-owned laptop is not encrypted, please call the Help Desk at 202-885-2550 to schedule an appointment.
    • Portable USB devices with encryption and password protection. Many retail stores, such as Best Buy, sell these devices. If research data is recorded and transcribed directly to this type of device, it would ensure that the data is protected between the time it is being received and up until it is transferred to another storage location.


>> Back to Checklist