Office of Information Technology

Institutional Review Board Security & Privacy Checklist

Please click on the image that represents the way you will be storing your data for specific guidance.

Mobile Icon Laptop Icon Cloud Icon


The Office of Information Technology (OIT) information security staff provides consultation to the Institutional Review Board (IRB) to rate the risk of exposure to the digital data being created, stored, or transferred. The risk is often evaluated exclusively by reviewing the contents of the Protocol and where possible an interview with the investigator. The risk is rated as low, medium, or high and where possible recommendations are provided to assist the investigator with techniques and tools to reduce the risk.

Consider the privacy and security of the data you will be handling. Then review this resource as you begin to fill out the Protocol for your investigation. Privacy is about providing individuals with general control over the collection, disclosure, and subsequent use of their personal information. Security is about ensuring confidentiality (restricting access to authorized individuals only), integrity (only authorized changes are made), and availability (the data is there when you expect it to be). C.I.A.

This resource has been designed to assist you, the investigator, with selecting the most appropriate ways to safeguard sensitive data related to your research prior to filling out your protocol. It is the IRB and OIT's express goal to assist you with protecting the data under your purview as well as expediting the review process.