Purpose

The purpose of this policy is to establish general digital data management standards and set the shared responsibilities for ensuring that digital research and scholarly data serve the needs of the University and the funding agencies.

Authority

Code of Virginia Section 23.1-1301, as amended, grants authority to the Board of Visitors to make rules and policies concerning the institution. Section 6.01(a)(6) of the Board of Visitors Bylaws grants authority to the President to implement the policies and procedures of the Board relating to University operations.

Code of Virginia Section 23-49.11 et seq., as amended

Bylaws of the Old Dominion University Board of Visitors, Article VI, §6.01 (c) (7)

Definitions

Access - The ability to find, read, enter, copy, download, or update data.

Consumer/User - An individual or organization that accesses Research and Scholarly Data.

Digital Data - The representation of discrete facts; any information in electronic or audio-visual format.

Institutional Data - Recorded information that documents a transaction or activity by or with any appointed board member, officer, or employee of the University and may include, but is not limited to, a University Record.

Research and Scholarly Data ("Research Data") - Digitally recorded information (necessary to support or validate a research project's observations, findings, or outputs. Specifically, data that are:

1. Acquired and /or maintained by University employees and/or students in performance of research and/or in pursuit of a scholarly activity;
2. Created or updated in pursuit of a research or scholarly function;
3. Necessary to support research or scholarly findings, establish validity of inventions, and prove ownership of Intellectual Property Rights.

Research and Scholarly Data Governance Committee (RSDGC) - The University-level committee that establishes overall policy and guidelines for the management of and access to the University's research data in accordance with existing University policies and applicable law and regulation.

Research Data Management Plan - Plan for collecting, organizing, maintaining, and sharing or providing access to research data.

Researchers - Members of the University including employees, students, volunteers, employees of affiliated organizations, and visitors to the institution who are conducting research on University premises or using University facilities.

University Records - Recorded information that documents a transaction or activity by or with any appointed Board member, officer, or employee of the University. Regardless of physical form or characteristic, the recorded information is a University record if it is produced, collected, received or retained in pursuance of law or in connection with the transaction of University business. The medium upon which such information is recorded has no bearing on the determination of whether the recording is a University record. University records include but are not limited to personnel records, student records, academic records, research records, financial records, patient records and administrative records. Record formats/media include but are not limited to email, electronic databases, electronic files, paper, audio, video and images (photographs).

Scope

This policy applies to all employees, students, volunteers, employees of affiliated organizations who are paid through the University, and visitors to the institution who create, preserve, retain, or use research data and covers all externally funded research conducted by the University or affiliated organizations. Employees include all staff, administrators, faculty, full- or part-time, and classified or non-classified persons who are paid by the University. Students include all persons admitted to the University who have not completed a program of study for which they were enrolled; student status continues whether or not the University's programs are in session. Affiliated organizations are separate entities that exist for the benefit of the University through an operating agreement and include the Foundations, the Community Development Corporation, and the Alumni Association. Visitors include vendors and their employees, parents of students, volunteers, guests, uninvited guests and all other persons located on property owned, leased, or otherwise controlled by the University.

Except as approved by the Institutional Review Board or individual college Human Subjects Review Committees for use in research, data exluded from this policy are:

• personal medical, psychiatric, or psychological data for employees, students, and clinic patients;
• sole possession notes and records that are the personal property of individuals in the University community;
• institutional data, unless used in research; and
• instructional notes and materials
  

Policy Statement

Old Dominion University seeks to promote the highest standards in the management of research data as fundamental to both high quality research and academic integrity.

The University recognizes that accurate and retrievable research data are an essential component of any research project and necessary to verify and defend, when required, the process and outcomes of research. Research data are valuable to researchers for the duration of their research and may well have long-term value for research, teaching and for wider exploitation for the public good, by individuals, government, business and other organizations, as a project develops and after research results have been published.

The University acknowledges its obligations under research sponsors' data-related policy statements and codes of practice to ensure that sound systems are in place to promote best practices, including through clear policy, guidance, supervision, training and support.

Researchers, departments/faculties, divisions, central administrative units and service providers and, where appropriate, research sponsors and external collaborators, need to work in partnership to implement good practices and meet relevant legislative, research sponsor and regulatory requirements.

Research data should be:

• Accurate, complete, authentic and reliable;
• Identifiable, retrievable, and available when needed;
• Secure and safe;
• Kept in a manner that is compliant with legal obligations and, where applicable, the requirements of funding bodies and project-specific protocols approved through Office of Research;
• Able to be made available to others in line with appropriate ethical, data sharing, continuing research, intellectual property, proprietary, and open access principles.

When research is supported by a contract or a grant that includes specific provisions regarding ownership, retention and access to data, the provisions of that agreement will take precedence in the event of a conflict with this policy.

If research data are to be deleted or destroyed, either because the agreed period of retention has expired or for legal or ethical reasons, this should be done so in accordance with all legal, ethical, and research-sponsor and collaborator requirements and with particular concern for confidentiality and security.

Procedures

1. Researchers who create and own data have primary responsibility for:

   1. Managing and maintaining research data in accordance with the principles and requirements desribed in Section E and principles of responsible data owenrship as outlined in ITS Standard 01.2.0, IT Security Roles and Responsibilities.

   2. Authorizing or identifying responsible access to research data, to include reading, entering, downloading, copying, querying, or updating data or information, as appropriate and in accordance with requirements of the granting organization, the publishers, and any applicable laws and regulations (e.g., human subject information), including breach notification when appropriate.
      

   3. Developing and documenting clear procedures for the collection, storage, use, re-use, access and retention or destruction of the Research data associated with their research. This shall include policies and procedures established by the Research and Scholarly Data Governance Committee and, where appropriate, defining protocols and responsibilities in a joint or multi-institution collaborative research project. This information should be incorporated, where appropriate, in a Research Data Management Plan, for example, by using the DMPTool.

   4. Planning for the ongoing custodianship (at the University or using third-party services) of their data after the completion of the research or, in the event of their departure or retirement from the University, reaching a written agreement with the head of the department/faculty (or designee) as to where such data will be located and how it will be stored. A copy of the written agreement shall be provided to the chair of the Research and Scholarly Data Governance Committee.

   5. Ensuring that any requirements in relation to Research data management placed on their research by funding bodies, publishers, or regulatory agencies or under the terms of a research contract with the University or Affiliated Organizations are also met, including public access and/or data sharing.

2. The Research and Scholarly Data Governance Committee (RSDGC) reports to the Provost and Vice President for Academic Affairs on the development and enforcement of the University's Research and Scholarly Digital Data Management Policy. The Provost appoints Committee members, to include representatives from the faculty, University Libraries, Office of Research, Old Dominion University Research Foundation, Information Technology Services (ITS) and senior University management. The Provost will solicit recommendations from the Faculty Senate for the faculty representatives, who will comprise the majority of the committee. The Office of University Counsel will advise the RSDGC. The RSDGC may create subcommittees and task forces as needed to carry out its responsibilities.

   Committee responsibilities include:

   1. Guiding updates to this policy.
      

   2. Establishing specific goals, objectives, and action plans to implement the policy and monitor progress in its implementation.
      

   3. Establishing and communicating policies and procedures that facilitate management of research data as a University resource.
      

   4. Coordinating the data management efforts of the operating units involved with research data management. The operating units include, but are not limited to, the University Libraries, Office of Research, Old Dominion University Research Foundation, Information Technology Services (ITS), Colleges, Departments, Centers, and the Office of University Counsel.

   5. Defining and applying formal guidelines, procedures, and tools to manage the University's research data resources, to include providing access for outside researchers and delivery modes for transmitting research data.

   6. Defining a data stewardship model for protection and availability of research data, based on University Policy 3504 - Data Classification Policy.

   7. Resolving conflicts in the definition of centrally-used research data attributes, data policy, and levels of access. Resolving issues with regard to standard definitions for data elements that cross stewardship boundaries.

   8. Defining attributes and assigning maintenance responsibilities for data retention, disposition, and preservation in accordance with Section G.

   9. Coordinating with the Institutional Review Board on providing access to ODU's research data. Access to Research Data that is a public record should be managed in accordance with the Virginia Public Records Act.

3. Vice Presidents (or their designees) are responsible for:

   1. Providing access to services and facilities for the storage, backup, deposit, security, and retention of research data that allow researchers to meet their requirements under this policy and those sponsors funding their research.

   2. Providing researchers with training, support and guidance in research data management.

   3. Providing the necessary resources to those operational units charged with the provision of these services, facilities and training.

4. Consumers/Users will agree to the following:

   Responsibilities of consumers/users include:
   

   1. Confidentiality: Respecting the confidentiality and privacy rights of individuals whose records they may access.

   2. Ethics: Observing the ethical restrictions that apply to data to which they have access.

   3. Policy Adherence: Abiding by applicable laws and University policies with respect to access, use, protection, proper disposal, and disclosure of data.

   4. Responsible Access: Reporting any breaches of University information in a timely manner according to procedures defined in ITS Standard 05.2.0 Data Breach Notification.

   5. Quality Control: Reviewing reports created from data to ensure that the analysis results are accurate and the data has been interpreted correctly.

   6. Acknowledgement: Citing the source and location of the data in any publications that use the data.
      

Records Retention

Research data and applicable records must be retained for a minimum of five years and as specified by research sponsors, publishers, patent law, legislative and regulatory requirements, and/or applicable laws, and then destroyed in accordance with the Commonwealth's Records Retention Schedule (General Schedule 111, Series 101170).

Responsible Officer

University Librarian

Related Information

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Family Educational Rights and Privacy Act (FERPA)

Government Data Collection and Dissemination Practices Act § 2.2-3800 et seq

Board of Visitors Policy 1424 - Policy on Intellectual Property

Board of Visitors Policy 1426 - Policy, Procedures and Timeline for Responding to Allegations of Misconduct in Scientific Research and Scholarly Activity

University IT Policies:

• 3500: Use of Computing Resources
• 3501: Information Technology Access Control
• 3502: Information Technology Infrastructure, Architecture, and Ongoing Operations
• 3504: Data Administration Policy3505: Information Technology Security
• 3700: Records Management Policy

University IT Standards:

• 02.3.0 Data Administration and Classification Standard

Data Transfer Agreement (Office of Research)

Data Management @ ODU (University Libraries Guide)