IT Security for Researchers

Many KU researchers engage in research that involves the collection or use of identifiable private information. Federal law and KU policy provide specific guidance for protecting identifiable research information.

Data Classification and Handling Policy

Classification is necessary to understand which security practices should be used to protect different types of information. The more protected the information needs to be, the more practices are required. Please review the Data Classification and Handling Policy.

Sensitive Research Data

KU research may deal with sensitive information that does not directly relate personally identifiable information. Proprietary information subject to confidentiality requirements, information with national security implications and other types of information may require extra security precautions. Researchers are encouraged to consult with KU IT to determine the proper security measures needed for these types of data.

Breach Notification Requirements

Each research project should have a well-defined document detailing what to do in the case of a security breach. Obtaining/creating/retaining the breach notification requirements is the responsibility of the researcher.

Principal Investigator (PI) Responsibility

It is the responsibility of the PI to comply with information security. Each PI is encouraged to carefully examine their use agreements, grants and other contracts to see what data handling requirements are included. KU researchers under must, at a minimum, comply with the requirements included with their grants and contracts, as well as comply with the KU Data Classification and Handling Policy. PI’s are encouraged to meet with KU IT to discuss what is required of their research.

Working with KU IT

We provide a number of services to help protect the data and systems of the University and our customers:

  • Consulting and assessments
  • Training
  • Firewall management
  • Antivirus software
  • Information resources
  • Email encryption

Please contact the IT Security Office at to discuss the information security requirements of your research and how we can best assist you.