New Data Security Review Process

HRPO is pleased to announce that we are ready to initiate the new data security review process for all new studies effective November 6, 2016. We have been collaborating with Sean Sweeney, Pitt Chief Information Security Officer, and his staff over the past year to develop guidance documents, a data security assessment form, and a formal data security review process by his staff at CSSD.

The new process requires the completion of a data security assessment form for all new studies and existing studies where the modification results in changes to the currently approved data management plan. Based on a risk assessment, a formal data security review may be required before the study is submitted for IRB review or during the IRB review process.

As previously announced at HRPO programs and the recent article in the University Times, these guidelines and assessment efforts are designed to help researchers better understand potential risks so appropriate data privacy plans are in place to minimize the risks to research participants and others.

Changes to the OSIRIS application:

  •    New questions in section 5 and requirement to upload a completed data security assessment form
  •    New modification cover sheet question to determine if there are any changes to currently approved process for the collection, transmission, or  storage of electronic research data

Contact Patty Orndoff by email at if you have any questions.