Data Management Planning

General Guidelines

To avoid data loss, and to retain information held in earlier versions you should: 

Create and document a data backup policy

A backup policy provides specific guidance on data backup decisions and restore processes. This policy promotes consistency and ensures a successful recovery of data from a backup copy if data loss does occur. 

Create, at a minimum, 2 copies of your data

These copies should be in geographically dispersed areas. Place one copy at an "off-site" and trusted location such as a commercial storage facility, campus server, or cloud-based server. 

Use a reliable device when making backups

Consider external USB drives, campus servers, or managed cloud-based servers. Avoid use of light-weight devices, like floppy disks and USB stick-drives. Additionally, you should avoid backups on optical media, like CDs and DVDs, as they have been shown to degrade over time. 

Backup your data at regular frequencies

Sporadic backups may result in inadvertent data loss if a disaster were to occur. Be sure your files are backed up regularly to avoid major data loss. Make sure to backup your data when you complete your data collection activity and when you make any edits to your data. 

Source: Adapted from DataONE Best Practices

Data Storage

There are a variety of data storage options available to you depending on your needs and resources.  

Local Storage:

Local storage options allow for personalized control and everyday access. However, management and backups are the research team's responsibility. 

• Computer hard drive 
• External media (hard drive, USB)
• Department server​

Cloud-based Storage Options:

These storage options are stored and managed on remote servers and are regularly backed-up. There are a variety of options with different prices and storage capacities depending on your needs. 

• Cloud-based storage options provided by CSUF: 
  • Microsoft Office 365 
  • CSUF Dropbox for Business for Staff/Faculty 
  • CSUF Student Dropbox
  • Titan Google Apps
  • IBM Bluemix for Students: Free 6 month trial, after which you will need to purchase the license. 
  • IBM Bluemix for Staff/Faculty: Free 12 month trial, after which you will need purchase the license. 
• Subject-repository (ex. Dryad)
• Commercial (ex. Amazon Web Services, Microsoft Azure)​

Source: Adapted from UCLA Libraries

Data Security

Academic research can often involve handling of sensitive data, which may include information about human subjects, endangered species, or protected areas. In order to ensure security, your research team should follow physical security, computer files and systems security, and network security. 

Physical Security: 

• Always secure your computer and peripherals (i.e. USB, external drives). 
• Restrict access to buildings and rooms where sensitive data or research specimen are stored. 
• Only allow trusted individuals to troubleshoot computer problems. 
• Keep physical paper files in locked file cabinets. 

Digital Security: 

• Ensure that the computers used in research and/or data storage have up-to-date virus protection. 
• Use passwords to secure files and computers. 
• Although unencrypted data is ideal for storing your data because it will make it most easily read by you and others in the future, encryption may be necessary for some sensitive data, especially if the data are being transferred over email or FTP. 

Network Security: 

• Do not store or transfer confidential data on the Internet or in cloud storage. 
• Do not store sensitive materials on computers connected to the Internet. 

Source: Adapted from Georgia Tech

Research Subject Privacy

It is vital to maintain the confidentiality of research subjects for ethical reasons and to ensure their continuing participation.

• Comply with CSUF regulations: Consult the appropriate requirements from the CSU Compliance Office especially when working with human participants and vertebrate animals. 
• Comply with all health research regulations: Federal legislation contains very strict guidelines; consult HIPPA Privacy Rule Information for Researchers.
• Evaluate the data’s sensitivity: Consider whether the data contains direct or indirect identifiers that could be utilized with other public information to identify research participants.
• Obtain informed consent: Recommended informed consent language for data sharing.
• Restrict use of the data: Control access through embargoes or access/licensing terms and conditions.
• Learn about professional guidelines.

Source: Adapted from UCLA Libraries