Skip to Main Content

Data Management: Working Data: Policies & Practices

Data Management Plans, Support, and Data Repository Recommendations

Data Management Best Practices

Data Storage and Sharing Practices

Who owns the data I collect?

  • You AND the University (see Faculty Manual 7.2, IV.E).

How long must this data be retained?

  • In general, at least 5 years (or longer if required by funder)
  • High value data sets may need to be kept for longer periods

When should I encrypt my data?

  • Any time it's sensitive (that which could cause harm to individuals, the university, or the intellectual property rights of the researchers and sponsors) and...
    • Any time you're sending data off-campus
    • Any time you're storing on a mobile or personal device

How can I share data responsibly with off-campus collaborators?

  • If you are the PI and the data are NOT sensitive, use OneDrive or a departmental PirateDrive folder.
  • If you are the PI and the data are sensitive, consider a departmental PirateDrive folder or Project REDCap for PHI. FERPA data that does not include SSNs may be stored in OneDrive.
  • If the external research collaborator is the PI, follow the protocols of the host institution and if you downloaded data, follow both the host protocols and ECU's recommended practices. (Contact Kathy Verbanac or Mary Farwell if there are conflicts in recommended practices between institutions.)
  • Consider a Data Use Agreement for external collaborators.

Can I use Cloud Computing services?

How do I pay for data storage?

  • Write it in your grant.
  • Contact your Chair or Associate Dean for Research to determine whether there are departmental or college-level funds.


Storage Options for Working Data

Storage Option Notes:
PirateDrive Piratedrive folders are backed up daily, password-protected and access can be granted to multiple ECU users.
OneDrive OneDrive may be used for general research and academic data (without SSNs). Information about OneDrive is available via ITCS (Overview, FAQs)
ITCS Server Can be certified for HIPAA storage. Contact the Help Desk.

Departmental Server

Can be certified to store sensitive information. Contact the Help Desk.

Encrypted Hard Drive See ITCS recommendations for encryption.
Project REDCap For Protected Health Information and Quality Improvement Studies. Contact ITCS for a REDCap access after your IRB approval.