Sensitive data icon Data security and sensitivity


SecureMyResearch Cookbook


The SecureMyResearch Cookbook is designed to make securing research data easier for IU researchers. It offers information and recipes (step-by-step directions) developed by IU technology and cybersecurity experts using IU-provided ingredients that have security already baked in. Simply follow the recipe, and you will seamlessly weave security and compliance into your research workflows. IU affiliates can check out the SecureMyResearch Cookbook for guides on IU services and resources on securing sensitive data.

Meeting Standards

Many funders, particularly government organizations such as the National Science Foundation and the Department of Education, require you to store your data in a way that is both accessible and secure. This will enable other researchers to utilize your data while protecting participant identities and confidential information your data may contain. Funders will often clarify the legal standards by which your data must be initially stored, de-identified, and then shared for public use. A basic walkthrough on managing and storing sensitive data is available through Protect IU. If you are unsure if your data is sensitive, the level of security it may require, or you have questions/concerns about complying with the security standards of your funder, contact the Data Steward for Research Data to discuss proper compliance.

Securing Your Data

IU provides a guide on the various methods to secure your data through the Protecting Data guide. If you are unsure on how to best secure your data, particularly in terms of storage on your personal device or Box, you can work with UITS Research Technologies to contain your sensitive data. To ensure the security of your data that falls under HIPAA protection, both before and after you publish, be sure to go over the Legal Standards for Protected Health Information.


De-identification is a frequent requirement for data storage, as it allows users to store meaningful data while obscuring confidential information on a study’s participants. The HIPAA De-Identification Guidances clarify the standards that will ensure your research is done legally and according to IRB standards. These guidelines will primarily apply to your genetic data and any other potentially confidential health information you want to share. The Data Steward for Research Data will most likely be able to further assist you with any questions on this resource, particularly in terms of ethics and legality. For de-identification of your qualitative data, particularly your interviews, the Qualitative Data Repository (QDR) also lists guidelines for Managing Data as well as the De-Identification of Human Participants.