Data Management Requirements

Protecting research data is critical. To ensure the security and integrity of research data, especially when it contains personally identifiable information (PII) or protected health information (PHI), we require strict adherence to our data management protocols. 

All research data must be stored exclusively on Marymount University-approved secure platforms that require your Marymount credentials and multi-factor authentication (MFA). This means you should never place research data—including PII/PHI or code keys—on personal drives, personal email accounts, USB sticks, or non-Marymount cloud applications. These unsecured locations put sensitive information at risk and violate data protection standards. 

Access to research data should be carefully controlled and limited only to authorized team members who have a legitimate need to view or work with the information. If your research requires it, maintain an access log to document who has accessed the data and when. At the conclusion of your project, you must follow Marymount’s retention policies and secure disposal procedures to ensure data is properly archived or destroyed according to regulatory requirements. 

These measures protect not only our research participants but also maintain the integrity of our research and ensure compliance with federal regulations.