Frequently Asked Questions
What is the Secure Research Data Strategy?
The Secure Research Data Strategy is a partnership between the Research Computing Center (RCC), IT Services (ITS), Office of Legal Counsel and University Research Administration (URA) to provide secure computing environments to The University of Chicago researchers in order to access, store and analyze sensitive research data.
The Secure Data Enclave is a central service within the Secure Research Data Strategy.
What is the charter of the Privacy and Security Council for University Research?
The Privacy and Security Council for University Research governs the execution of the secure research computing strategy. It is chaired by the Vice Provost for Research with members consisting of the Dean or Dean Designee of each Division, School, and Institute; CFO; Office of Legal Counsel; Executive Director for Compliance and Internal Audit; and the Chair of Provost IT Committee.
What is the charter of the Secure Research Computing Oversight Committee?
The Secure Research Computing Oversight Committee executes the secure research data strategy. It is co-chaired by the Director of the Research Computing Center and the IT Services CTO with core membership consisting of the Representative of the Chief Information Security Officer, Office of Legal Counsel, URA, and the Secure Data Enclave Program Manager. The Extended membership includes the Associate Deans, IRB Directors, CIO, AVP URA, Executive Director for Compliance and Internal Audit, BCAS Chair and RCOC Chair.
How do I contact the SDE team for questions?
Send an email to email@example.com for questions about the SDE.
What is a Data Use Agreement?
A Data Sharing Agreement, Data Transfer Agreement, or Data Use Agreement (DUA) is a legally-binding contract between two or more institutions that documents what data are being shared and how the data can be used.
Which unit has signing authority for DUAs?
DUAs are routed to University Research Administration (URA) office at the University of Chicago. DUAs are reviewed to ensure the University can agree to the terms of the DUA, negotiated and signed by the Vice President for Research Administration.
How long does it take to get a DUA signed by the University once it is received by the URA?
The URA cannot guarantee a certain timeline. It can take anywhere from a few days to a number of months for both parties to execute the contract depending on factors such as the contract’s complexity, how much negotiation the contract requires, the investigator’s responsiveness to questions from the department and URA, the counterparty’s responsiveness to new drafts sent by URA, the URA’s request volume, whether any necessary IRB permissions are already in place, etc.
Do I need to do anything once I send an agreement to my department administrator for routing to the URA?
Your department and the URA will each be in touch with questions to move the process forward.
Do I need to contact the SDE directly to facilitate the DUA process?
Once you have communicated to your department administrator that you would like to store incoming data in the SDE and have specified who will need access to the data, someone will be in touch with you to initiate a discussion with a SDE manager to determine whether the SDE is the right environment for your study.
Who do I contact for updates on the progress of my contract?
Feel free to email or call the URA manager or your department administrator for updates.
Who do I contact if I have questions about the place of a DUA in my planned research project or about customizing an agreement for my research collaboration involving the mutual (as opposed to one-way) exchange of data and/or materials?
Please reach out to firstname.lastname@example.org.
Is there a Data Security Plan that can be referenced for the SDE?
The SDE Data Security Plan can be found HERE