Data Management

Data management and documentation is an important part of the responsible conduct of research. Data that you create, record, compile or collect during your research is a valuable asset that needs to be preserved over long periods of time. To optimize research outcomes, data must be stored, retained, documented and/or described, made accessible for use and reuse by other researchers, and/or disposed of, according to legal, statutory, ethical and funding bodies’ requirements.

LabArchives provide researchers with complete historical versions of all the research data recorded from study designs to data management and record of meeting notes. All data entered into LabArchives is time-stamped and identifiable by the person who entered the data. Data is not able to be deleted once documented and saved into LabArchives. This feature provides protection of the University’s invention and Intellectual Property and enables the ERN to be highly auditable. All data management such as ownership, ethics and data retention must be well-documented by researchers in order to comply with Responsible Conduct of Research standards.

  • You are able to manage and organize all your research data and information in one place (central HUB).
  • Lab Archives supports some funding agencies data management plans requirements. The Libraries’ Research Data Management Support provides Drexel researchers consultation in data management to help meet funder and publication requirements, and to increase the visibility of Drexel research. For more information about Drexel’s data management support services, email datamanagement@drexel.edu or contact your liaison librarian.
  • Aids in data stewardship requirements
  • Data sharing via public URL or DOI

Prior to using LabArchives, researchers that are engaged in any research partnerships with external organizations or using records generated by external organizations, should review their legal agreements or contracts before adding any data and records to LabArchives. Some external organizations do not allow the storage of data or records in a cloud-based storage platform. If this is the case for your research then you can still use LabArchives but provide links to point to where this research data is stored (e.g., web page, RedCap).

Considerations for external parties can include the following:

  • Industry agreements;
  • Commercial agreements;
  • Multi-institutional agreements;
  • Government agencies’ databases;
  • Material accessed via library proprietary resources (such as journal articles and commercial database records).

If you have any questions or concerns, please seek legal advice from the Office of the General Counsel or Chief Privacy Officer.

Sensitive data (e.g., participant data) is safe when stored on LabArchives. For concerned researchers working with new, junior or inexperienced staff and students, records with participant-identifiable information can be stored via other data storages means (i.e. local back-up S-Drive, locked filing cabinet). The coded participant information can then be stored on LabArchives with links to point to the identifiable information stored in other data management systems. If you have any questions or concerns, please consult further with the Faculty.

Currently there are no restrictions to the amount of data or the number of notebooks that can be created in the Electronic Research Notebook service. However, there is a limit on the maximum individual file size that can uploaded at one time of 4 gigabytes. Multiple files of less than 4 gigabytes can be uploaded without restrictions. Any files that are larger should be stored outside of LabArchives.

Data Permission and Restrictions when Using LabArchives

The Office of Research & Innovation’s contracting process with LabArchives included an extensive review of data security controls by Drexel IT Security and the Office of General Counsel. Our agreement with LabArchives includes measures that safeguard the intellectual property and security of DU research data including a signed Business Associate Agreement (BAA).

Ultimately, you are responsible for ensuring that your use of this service complies with laws and regulations as well as university privacy policies. Note that Drexel University is a “hybrid entity” meaning that it’s business activities include both covered and non-covered functions
and HIPAA Rules apply to the covered functions. See Compliance below for details.

Permitted

  • Personally Identifiable Information (PII) (as applicable per specific rule)
  • Protected Health Information (PHI) (HIPAA Rules)
  • Sensitive Identifiable Information (SII) Human Subject Research

Not Permitted

  • Attorney - Client Privileged Information 
  • Controlled Unclassified Information (CUI)
  • Credit Card or Payment Card Industry (PCI) Information
  • Export Controlled Research (ITAR, EAR)
  • Federal Information Security Management Act (FISMA) Data
  • Social Security Numbers
  • Driver’s License Numbers
  • Passport Numbers
  • PII in Student Education Records (FERPA)
  • Student Loan Application Information (GLBA)

Compliance 

When you use LabArchives you are sharing your research data on a digital platform inside DU and potentially with any collaborators on the notebook who may or may not be at DU, so it’s important to consider if there’s any portion of your work or data that cannot be shared in this way.

  • Does your research involve human subjects? 
  • Does your research contain PII, PHI, SII, any personal information listed as “Not Permitted” or   any other restricted data?
  • Is your research subject to an IRB or IACUC protocol? 
  • Is your research funded by the Department of Defense? 
  • Is your research subject to export control restrictions?
  • Does your research involve proprietary or commercial data?
  • Does your funding stipulate any restrictions to data management or sharing?
  • Do you have a non-disclosure agreement for any portion of your research? 

Even if the answer is yes to one of these questions, you may still be able to use LabArchives for all of your research or with de-identified data consistent with DU privacy policies, but you should consult with your PI, Chief Privacy Officer, or the relevant office within the Office of Research and Innovation such the HRPP, IACUC or Export Controls on using this tool for your project.

The LabArchives software behind Electronic Research Notebook is HIPAA-aligned per DU IT Security assessment. Storage for the Electronic Research Notebook resides in Amazon Web Services (AWS). ERN’s are intended for keeping research notes and outcomes, not for hosting or managing a clinical trial. It is not integrated with any clinical records systems or clinical trials management systems now, and there are no plans for such integration in the future. For clinical trials, consider using a tool such RedCap.

Data Security

Drexel University's enterprise license with LabArchives included an extensive data security review by the Drexel University Information Technology, and Office of Privacy. Our agreement with LabArchives includes a BAA and includes measures that protect the intellectual property and security of your research data.

To ensure a secure connection between your computer and your LabArchives account when you are off-campus, it is recommended that you set up a connection through Drexel’s VPN. 

Security Controls include:

  • Encryption of data in transit and at rest
  • Firewalls and other security devices on all servers
  • Monitoring of all network traffic for suspicious activity
  • Regular testing, upgrades, and patching for vulnerabilities
  • Regular third party security audits 

Departing Personnel

  • When a staff member or student departs from the University, control of the LabArchives ERN will remain with the research group under supervision of the principal investigator or designee. They may take a copy of the ERN subject to the Head of the Research Group’s and University’s approval. 
  • If the owner of the LabArchives ERN or Head of the Research Group is departing the University, the exit procedures that are in place for relocating digital data and information will also apply to all ERNs. 
  • If a study is complete or retired, the LabArchives Notebook will be archived at School and University level to comply with Retention of Research Data policies. Schools and research groups are encouraged to include a handover process or agreement to take a copy of the LabArchives Notebook in the exit procedures.