Important Instructions and Resources regarding your ICPSR Restricted-use Data Access

Important Instructions and Resources regarding your ICPSR Restricted-use Data Access

We know that this is a challenging time to continue your work, including your critical research using ICPSR restricted data. You should have received an email with instructions for how to transition your restricted data from the physical location described in your Data Security Plan to a remote location. If you do indeed make this transition, you must adhere to the requirements outlined in that email. 

If you have questions, please email us at ICPSR-help@umich.edu, although our response time may be delayed as we all adjust to these unusual circumstances. We will do our very best to help in a timely manner. 

I currently have restricted data stored on an encrypted hard drive, non-networked computer, or private-network. How can I continue to access this data remotely? 

  • The storage device (e.g., the computer’s internal drive or separate attached external storage device) which currently holds the restricted data must  be encrypted before it is moved from the current location specified in your existing agreement. The storage device must be encrypted, not only the data files.
  • Store any encryption passwords securely and do not share them.
  • If the data are stored on a computer’s internal drive and that computer cannot be moved, you may transfer the data to a removable storage device such as an  external USB hard drive or thumb drive. Any removable storage device to which restricted data are transferred must be whole-disk encrypted before it is moved to a remote location.
  • Prior to moving restricted data to a remote location, you must email icpsr-nacda@umich.edu about your existing agreement(s) to update your Confidential Data Security Plan and identify a single room in your remote location that meets the security protocols.
  • If you transfer the computer holding the restricted data to your remote location, it must at all times remain isolated from any network connection (wired or wireless).
  • If you transfer the restricted data to your remote location on an encrypted removable storage device, you may connect it to a computer at the remote location under the following conditions:
    • The computer must be disconnected from all wired and wireless networks prior to connecting the remote storage device. Disabling the network interface(s) is the preferred method since this prevents the computer from automatically reconnecting to networks.
    • The computer must remain disconnected from all networks while the external storage device is connected to the computer.
    • Any software used to analyze the data should be configured to store temporary files and output to the encrypted device.
    • You are not permitted to copy restricted data from the encrypted device to your personal computer (i.e., the local internal hard drive), to a cloud storage, or to any other storage medium.
    • When not in use, the device must be stored securely.

How can I encrypt a storage device?

ICPSR has provided detailed encryption instructions using BitLocker, MacOS, and VeraCrypt, available here.

If you need additional assistance with device encryption, please reach out to your institution’s IT department.


Please see ICPSR’s 2020 Data Resources Page, designed to assist our community during this uncertain time. If you have questions or need further assistance you can reach us at ICPSR-help@umich.edu

We will do our best to get back to you as soon as possible, although we appreciate your patience. Your institution's IT department is also a great resource.  

Thank you for taking these important steps to ensure that data privacy and security are protected while your work continues. Stay well!

For ICPSR's full announcement, including information for VDE users, please follow this hyperlink

 

 

Mar 23, 2020

View other headlines