InfoSec Blog - Research Data Protection Do’s and Don’ts

Do's and Don'ts

November 2, 2018

Congratulations! You’re embarking on a research project. Your plate will be full; lots of ideas and tasks. 

While you think you may not have time to attend a long list of rules and requirements, we encourage you to pay attention to these Do’s and Don’ts of protecting your data. 

x  Store data on personal devices

Do Don't
  Encrypt all your devices x  Share with unauthorized people
  De-identify your data x  Re-use without permission
  Collect only data you need x  Use non-approved cloud storage
  Use Central Storage x  Leave data in unlocked places
  Maintain secure backups x  Skimp on REB requirements
  Securely destroy when finished x  Take shortcuts to save time
  Keep your PI informed x  Store data on personal devices


Following these easy Do’s and Don’ts will minimize risk of data loss, theft, the possible reporting to law enforcement and the Information Privacy Commissioner of Ontario, or even lawsuits. 


Written by: Gerrit Bos (IT Security Officer, CCS Information Security)