Skip to Content

Research Data Management and Security

Research Data Security
If you’re a researcher responsible for the security of data related to or resulting from funded or unfunded research, your practices must be in compliance with Texas State IT Security policies, standards, and guidance at all times. Because researchers may be required to fulfill additional security specifications set by federal funders and other research sponsors, ORIC and IT Security are here to provide you assistance and guidance as you navigate these requirements. For details on specific support services, visit IT Security’s Securing Research Data page.

Assistance during Proposal Submission or Prior to Grant Set Up
If you have questions about carrying out your funder’s data security requirements within the Texas State IT environment, please contact Sean Rubino or Becky Northcut.

To facilitate and coordinate communication between IT Security and the components within the ORSP that are involved in meeting your requirements, please submit a Data Services Request form.

Data Use Agreements
Any proposal, contract, agreement, terms and conditions document, purchase, or other transaction that commits Texas State University to specific terms, conditions, actions, standards, or requirements related to any type data security requirement related to research (funded or unfunded), must approved by, and may only be signed by Dr. Michael Blanda (unless the approval and/or signature is required to be provided by the Vice President of Information Technology, their designee, the Director of Purchasing, or their designee).

Any such agreements related to data from funded or unfunded research will not be approved or signed unless an IT security assessment has been completed.

IT Security Assessment
An IT security assessment prior to proposal submission or finalization of a contract is a mandatory requirement for any proposal, plan, contract, or agreement that contains specific requirements for data security. Examples of such requirements include, but are not limited to, data storage, data transfer, data re-use, restricted access, training, network, software or hardware requirements.