Information Security in Research

Unauthorized access, breach of confidentiality, loss of integrity, disruption of availability, and other risks threaten your research information and electronic devices. UFIT security policies are aimed at reducing exposure to threats, thereby minimizing risk in order to protect UFIT resources.

 Approved Software:

 When considering where or how you are going to store the data for your study, the UF Information Technology website has an ever growing list of software applications and their approved uses. It can be found at this link:

 https://it.ufl.edu/community/guidelines/etools-assessment/

 On first look:

 1. Under each column, if there is not a “yes” or a “no” that means it is under review, and should be considered “no” until proven otherwise

 2. A “yes” under “Privacy Review Completed” only means that the Privacy Office has reviewed the software, it does not necessarily mean that it has been approved for use with Protected Health Information (PHI).

 3. If there is a “yes” under the “Approved for Restricted Data”, that does mean that it has been approved for use with PHI.

** Please Note: If your study involves the storage of PHI, the IRB will only approve a database that has “yes” listed for Security Review, Privacy Review and Approved for Restricted Data.

Approved Hardware:

Information regarding the use of electronic devices can be found at the following link:

Mobile Computing and Storage Devices policy