Research And Engagement > UNCG Enterprise Research Data Management Plan
UNCG Enterprise Research Data Management Plan
This plan outlines the university’s approach to enterprise research data management and aims to support researchers in creating, collecting, storing, sharing, and preserving research data in line with UNCG Policy, legal requirements, and sponsor guidelines. This guidance applies to all research projects undertaken at UNCG including sponsored and unsponsored research. The goal of this document is to guide researchers in selecting an appropriate UNCG approved storage solution, upholding necessary security standards, and clarifying the roles and responsibilities associated with managing research data.
1. Research Data Lifecycle
The research data lifecycle begins with the creation of a Data Management Plan (DMP) that outlines how data will be collected, managed, and shared throughout a project. Some funding agencies have made DMPs a requirement upon proposal submission. In these situations, researchers must tailor DMPs to meet funder-specific guidelines, such as those from the NIH or NSF. These plans typically address data formats, access controls, ethical considerations, and long-term storage strategies. More information and updated requirements for DMPs can be found on the ORE Data management plan webpage.
Data collection involves gathering data through experiments, surveys, observations, meetings or other methods specific to the research project. Researchers should follow standardized protocols and metadata practices to facilitate reproducibility and transparency during data collection. Special consideration must be taken when secure data is being collected, and an approved data collection software is required. UNCG Approved methods for data collection include Qualtrics, Redcap, Microsoft Forms and Microsoft Teams.
Selecting an approved UNCG data storage and sharing solution is essential to ensure that research data is securely maintained and accessible only to authorized users while adhering to required security and privacy standards. Effective data sharing practices strike a balance between openness and necessary restrictions for sensitive or proprietary information. Sponsor-specific agreements may impose additional limitations on data sharing, both within the institution and with external collaborators.
Processing involves cleaning, transforming, and analyzing collected data. Only UNCG approved software may be used to process data. Data must be kept secure throughout the data analysis process. If specialized software is required to process Research data, it must be approved by ITS before purchase. More information UNCG approved software is here: software.uncg.edu
Publishing research data involves disseminating results and, where appropriate, sharing underlying datasets to promote transparency, reproducibility, and further discovery. This can be done through data repositories, supplementary files linked to journal articles, or standalone data publications with proper metadata and licensing.
Data archiving ensures that data is preserved and remains accessible in the long term. This often involves transferring data to dedicated digital repositories or archives, ensuring compliance with FAIR (Findable, Accessible, Interoperable, Reusable) principles, and utilizing sustainable formats to prevent data loss or obsolescence. Some sponsors require a data repository to be identified in your Data Management Plan at the beginning of the Research Project.
When data is no longer needed or has reached the end of its retention period, it must be securely disposed of in accordance with institutional, ethical, and legal guidelines. The data disposal processes may involve deletion, anonymization, or destruction to ensure data privacy and security are maintained. Some sponsors require a certificate of destruction after data is properly disposed of. If a research project requires specialized data disposal methods, please reach out to 6tech@uncg.edu for assistance.
2. Governance of Research Data
In accordance with the Access to and Retention of Research Data Policy, all research data stored on UNCG approved infrastructure storage locations is managed by the Principal Investigator (PI) of the research study. The PI is the primary custodian and steward of their Research Data. The PI is responsible for ensuring compliance with all applicable data management and retention requirements outlined in Data Use Agreements (DUAs), contractual agreements, statements of work, and other relevant documentation. These agreements may specify data retention periods, access control measures, and security protocols. As such, it is the PI’s duty to adhere to these provisions and ensure that their data storage and access practices align with institutional policies and external regulatory requirements.
The ITS department holds critical responsibilities in managing and securing research data across the lifecycle. This includes ensuring storage vendor integrity by carefully evaluating and managing vendor relationships to meet compliance, security, and performance standards. ITS shares responsibility for security incident response, working in tandem with researchers and other stakeholders to address data breaches or vulnerabilities. Providing robust technical support and compliance guidance, ITS ensures that researchers understand and adhere to relevant data regulations and best practices. Additionally, ITS oversees the architecture, selection, and management of data storage solutions, offering scalable, secure, and efficient options to meet diverse research needs. This comprehensive support enables researchers to focus on their work while maintaining data security, integrity, and compliance.
Research data generated at UNCG is owned by the university and is a part of a larger framework of Data Governance. UNCG has developed a multi-level framework in which major data-related roles and responsibilities are organized into several decision-making bodies. The three main bodies of Data Governance here at UNCG are the Executive Steering Committee (ESC), the Data Trustees Committee, and the Data Stewards Committee. To learn more about Data governance at UNCG see the UNCG Data Governance Website
3. UNCG Approved Storage Locations
UNCG approved storage locations for research data are vetted to ensure high standards of security, compliance, and performance metrics, tailored specifically to meet the needs of researchers. These managed and secure storage solutions provide a safe environment for handling sensitive and critical data throughout the research lifecycle. While alternative storage solutions may be used when there is a contractual obligation (e.g., on-premises or air-gapped storage), researchers must adhere to institutional guidelines. Temporary storage for data collection can utilize approved tools such as REDCap, Qualtrics, and voice recorders, but local storage is strictly prohibited unless a formal exception request is granted. Additionally, research data may be stored in third-party software only if the software has been approved through an ITS Prepurchase review. If a researcher requires storage beyond what UNCG offers, they are responsible for providing funding for such expanded storage needs.
UNCG Approved Storage Locations
Box
Box.com serves as the primary storage solution for research data at UNC Greensboro. It offers robust security features, version control, and easy collaboration capabilities for research teams. This environment has been specifically designed to meet Research data storage requirements.
M365
Microsoft 365 provides integrated tools for document management, collaboration, and storage, including OneDrive and SharePoint. These tools support secure data sharing and seamless integration with other Microsoft applications commonly used in research workflows.
On-Prem Storage
UNC Greensboro maintains on-premises storage solutions for researchers requiring localized or high-performance data storage. These systems are particularly suited for large datasets and projects with specific compliance or access requirements.
Data Collection Platforms
REDCap and Qualtrics facilitate secure and efficient data collection for research projects. Both platforms are customizable to meet study-specific needs and include compliance measures for sensitive data.
Custom Research Storage Solutions
Custom storage solutions are available for unique research requirements that exceed the capabilities of standard offerings. These are tailored to address specialized data security, compliance, or scalability needs.
4. Data Security and Compliance
UNCG Secure Research Infrastructure
UNC Greensboro provides a robust research infrastructure to meet the diverse needs of its research community. This includes a Secure Research Enclave for securely housing and analyzing sensitive data with stringent compliance requirements, as well as access to Microsoft Azure services for scalable, cloud-based data processing and storage. Box.com serves as UNCG’s secure cloud storage provider, offering a reliable solution for research data storage and sharing. High-Performance Computing (HPC) resources are available both on-campus and through partnerships with UNC Chapel Hill and NC State, offering advanced computational power for data-intensive projects.
UNC Greensboro currently supports compliance frameworks such as ISO 27001, NIST 800-171, and NIST 800-53 for research data management. Efforts are underway to expand support to include FedRAMP and CMMC, providing enhanced compliance for federally regulated or highly sensitive data. Researchers requiring these advanced measures or specialized solutions must secure additional funding to cover associated costs.
Contract and Legal considerations
All contracts and Data Use Agreements (DUAs) related to research data must be reviewed by the Office of Sponsored Programs (OSP) and Information Technology Services (ITS). This ensures that all legal, compliance, and security requirements are addressed before data is shared or accessed.
Due to the shared responsibility of data security incidents, ITS must be aware of any breach notification deadlines and points of contact to ensure proper contact and coordination for incident response. By staying informed of these requirements, ITS can respond appropriately and effectively to any data security incidents, maintaining compliance with contractual obligations and minimizing risks to researchers and the institution.
5. Support
For support with research data management, UNC Greensboro researchers can contact 6-TECH at 6tech@uncg.edu.