The Use of Information + Data in Research

Respect + Privacy

Respect for human dignity has been an underlying value of research ethics review since its inception. Respect extends not only to the person but also to his/her personal information. There is widespread agreement about the interests of participants in protection of privacy, and the corresponding duties of researchers to treat personal information in a confidential manner. Indeed, respect for privacy in research is an internationally recognized norm and ethical standard.

Privacy risks in research relate to the identifiability of participants, and the potential harms they, or groups to which they belong, may experience from the collection, use and disclosure of personal information. Privacy risks arise at all stages of the research life cycle, including initial collection of information, use and analysis to address research questions, dissemination of findings, storage and retention of information, and disposal of records or devices on which information is stored.

Data Management

The University and its members are responsible for the stewardship of the research records created, acquired, managed or preserved. Good stewardship procedures will ensure that research records are managed and preserved for future scholarship, that research records can be verified and that confidential, personally identifying, identifiable and/or sensitive information is appropriately safeguarded.

Research Records Stewardship Guidance Procedure

Researchers are required to be familiar with, and follow, the Research Records Stewardship Guidance Procedure, which:

  • provides principle-based guidance for research records stewardship;
  • advises on best practices in research records management and preservation;
  • defines key considerations in the production, maintenance and protection of research data and records containing identifiable information on human participants; and
  • defines key considerations and minimum requirements for research records retention.

Data Encryption

University sensitive information stored on a mobile computing device is at risk for unauthorized access and disclosure if appropriate security measures are not implemented to protect the device against loss or theft of information.

The best way to protect University sensitive information is to not store it on a mobile computing device; however, it is recognized that storage of University sensitive information on a mobile computing device may be necessary in certain situations. In these cases, encryption provides protection against unauthorized access and disclosure.


Encryption must be used in concert with other security measures to maximize protection of information technology resources and of University sensitive information. The Office of the Vice-Provost and Associate Vice-President (Information Technology) has provided a Mobile Computing Security website that contains further information about other security measures.

Members of the University community are responsible for protecting University sensitive information, whether accessed from University-owned information technology resources or from personal, external or other resources.

Sensitive of Confidential

Sensitive of confidential information refers to all information that has been collected or compiled in the conduct of operating the programs and services of the University and may include:

  • personal information about an individual as defined in the Alberta Freedom of Information and Protection of Privacy Act;
  • health Information as defined in the Alberta Health Information Act;
  • confidential business information of third parties;
  • confidential information collected or complied in the process of hiring of evaluating employees of the University;
  • information collected or compiled in the process of law enforcement investigations;
  • advice, proposals or recommendations, consultations or deliberations of the governing and administrative authorities of the University;
  • information, the disclosure of which would harm the economic interests of the University;
  • any information to which legal privilege including client-solicitor privilege may apply.

from the University's Information and Privacy Office

Quick Links