{"id":16446,"date":"2025-08-27T11:35:09","date_gmt":"2025-08-27T15:35:09","guid":{"rendered":"https:\/\/research.ncsu.edu\/administration\/?page_id=16446"},"modified":"2025-09-09T14:17:12","modified_gmt":"2025-09-09T18:17:12","slug":"research-security-data-security-and-management","status":"publish","type":"page","link":"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/research-security\/research-security-data-security-and-management\/","title":{"rendered":"Research Security: Data Security and Management"},"content":{"rendered":"\n\n\n\n<div class=\"layout-one-column is-text wp-block-ncst-link-list\">\n          <h2 class=\"link-list-section__heading\">\n        Quick links\n      <\/h2>\n        <ul class=\"link-list__container\">\n      \n<li class=\"ncst-component__bold-link-container wp-block-ncst-bold-link\">\n      <a \n      href=\"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/export-controls\/cui\/\"\n      class=\"ncst-component__bold-link text-link\"\n       target=\"_blank\"        rel=\"noreferrer noopener\"     >\n    <span class=\"text\">Controlled Unclassified Information (CUI)\u00a0<\/span><span class=\"arrow-indicator\"><svg class=\"wolficon wolficon-arrow-right-bold\" role=\"img\"  aria-hidden=\"true\">\n\t\t\t\n\t\t\t<use xlink:href=\"#wolficon-arrow-right-bold\">\n\t\t<\/svg><\/span>\n    <\/a>\n      <\/li>\n  \n\n<li class=\"ncst-component__bold-link-container wp-block-ncst-bold-link\">\n      <a \n      href=\"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/export-controls\/cui\/secure-university-research-environment-sure\/\"\n      class=\"ncst-component__bold-link text-link\"\n       target=\"_blank\"        rel=\"noreferrer noopener\"     >\n    <span class=\"text\">Secure University Research Environment (SURE)<\/span><span class=\"arrow-indicator\"><svg class=\"wolficon wolficon-arrow-right-bold\" role=\"img\"  aria-hidden=\"true\">\n\t\t\t\n\t\t\t<use xlink:href=\"#wolficon-arrow-right-bold\">\n\t\t<\/svg><\/span>\n    <\/a>\n      <\/li>\n  \n\n<li class=\"ncst-component__bold-link-container wp-block-ncst-bold-link\">\n      <a \n      href=\"https:\/\/research.ncsu.edu\/research-visitors\/\"\n      class=\"ncst-component__bold-link text-link\"\n       target=\"_blank\"        rel=\"noreferrer noopener\"     >\n    <span class=\"text\">Research Visitors<\/span><span class=\"arrow-indicator\"><svg class=\"wolficon wolficon-arrow-right-bold\" role=\"img\"  aria-hidden=\"true\">\n\t\t\t\n\t\t\t<use xlink:href=\"#wolficon-arrow-right-bold\">\n\t\t<\/svg><\/span>\n    <\/a>\n      <\/li>\n  \n\n\n\n    <\/ul>\n  <\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Relevant Policies, Regulations and Rules<\/h2>\n\n\n\n<p>All personnel, including faculty, staff, and students, should be aware that research conducted at NC State is subject to the university&#8217;s policies. NC State owns the resulting research data, which must be handled and retained in accordance with university and UNC System standards.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/policies.ncsu.edu\/policy\/pol-10-00-01\/\" target=\"_blank\" rel=\"noreferrer noopener\">POL 10.00.01 &#8211; Patent and Tangible Research Policy<\/a>&nbsp;<\/li>\n\n\n\n<li><a href=\"https:\/\/policies.ncsu.edu\/regulation\/reg-01-25-12\/\" target=\"_blank\" rel=\"noreferrer noopener\">REG 01.25.12 &#8211; University Record Retention and Disposition Regulation<\/a><br><br>Grant Records, including research data, fall under Series 6.4 of the <a href=\"https:\/\/archives.ncdcr.gov\/documents\/universitygs2021pdf\/open\" target=\"_blank\" rel=\"noreferrer noopener\">UNC System Retention and Disposition Schedule<\/a><\/li>\n<\/ul>\n\n\n<div id=\"footable_parent_16489\"\n         class=\" footable_parent ninja_table_wrapper loading_ninja_table wp_table_data_press_parent bootstrap4 colored_table\">\n                <table data-ninja_table_instance=\"ninja_table_instance_0\" data-footable_id=\"16489\" data-filter-delay=\"1000\" aria-label=\"Data and Security Management\"            id=\"footable_16489\"\n           data-unique_identifier=\"ninja_table_unique_id_3894110008_16489\"\n           class=\" foo-table ninja_footable foo_table_16489 ninja_table_unique_id_3894110008_16489 table  ninja_search_right nt_type_legacy_table ninja_custom_color inverted footable-paging-right ninja_table_search_disabled ninja_table_pro\">\n                <colgroup>\n                            <col class=\"ninja_column_0 \">\n                            <col class=\"ninja_column_1 \">\n                            <col class=\"ninja_column_2 \">\n                            <col class=\"ninja_column_3 \">\n                    <\/colgroup>\n        <thead>\n<tr class=\"footable-header\">\n                                                                        <th scope=\"col\"  class=\"ninja_column_0 ninja_clmn_nm_standard_reference \">Standard\/Reference<\/th><th scope=\"col\"  class=\"ninja_column_1 ninja_clmn_nm_applicability \">Applicability <\/th><th scope=\"col\"  class=\"ninja_column_2 ninja_clmn_nm_nc_state_compliance_status \">NC State Compliance status<\/th><th scope=\"col\"  class=\"ninja_column_3 ninja_clmn_nm_compliance_office \">Compliance Office<\/th><\/tr>\n<\/thead>\n<tbody>\n\n        <tr data-row_id=\"1\" class=\"ninja_table_row_0 nt_row_id_1\">\n            <td><strong>NIST SP 800-171 <\/strong> <\/td><td> Applicable to research involving Controlled Unclassified Information.  See Controlled Unclassified Information (CUI) for more information.<\/td><td>The Secure University Research Environment (SURE) is configured to meet this standard.    See <a href=\"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/export-controls\/cui\/secure-university-research-environment-sure\/\">Secure University Research Environment<\/> (SURE) for more Information  <\/td><td>Export Control Office<\/td>        <\/tr>\n            <tr data-row_id=\"2\" class=\"ninja_table_row_1 nt_row_id_2\">\n            <td><strong>DFARS 252.204-7012<\/strong> <\/td><td>DOD projects funded by contract <\/td><td>The Secure University Research Environment (SURE) is configured to meet this clause requirements.  See <a href=\"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/export-controls\/cui\/secure-university-research-environment-sure\/\">Secure University Research Environment<\/> (SURE) for more Information  <\/td><td>Export Control Office<\/td>        <\/tr>\n            <tr data-row_id=\"3\" class=\"ninja_table_row_2 nt_row_id_3\">\n            <td><strong>DFARS 252.204-7021 Cybersecurity Maturity Model Certification Requirements (CMMC)<\/strong><\/td><td>DOD projects funded by contract with a CMMC certification requirement. <\/td><td>SURE has been certified to CMMC Level 2<\/td><td>Export Control Office<\/td>        <\/tr>\n            <tr data-row_id=\"4\" class=\"ninja_table_row_3 nt_row_id_4\">\n            <td><strong>NIST SP 800-53<\/strong><\/td><td>Cybersecurity standard applicable to US Government systems and those systems operated on behalf of the U.S. Government.  This standard is not typically applicable to NC State research.<\/td><td>NC State IT Systems are NOT  able to meet this requirement and when included in the contract terms, Sponsored Programs will ask for it to be removed or a lesser standard to be applied (such as NIST SP 800-171.)<\/td><td>Export Control Office<\/td>        <\/tr>\n            <tr data-row_id=\"5\" class=\"ninja_table_row_4 nt_row_id_5\">\n            <td><strong>NIH Controlled Access Genomic Data<\/strong><\/td><td>Data received from NIH repository under Data Use Agreements that require compliance with NIST SP 800-171<\/td><td>The Secure University Research Environment (SURE) is configured to meet this clause requirements.  NOTE: SURE\u2019s capabilities may not be well suited for genomic data research.  Please review <a href=\"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/export-controls\/cui\/secure-university-research-environment-sure\/#capabilities\">Current Capabilities<\/a>  <\/td><td>IRB Office<\/td>        <\/tr>\n    <\/tbody><!--ninja_tobody_rendering_done-->\n    <\/table>\n    \n    \n    \n<\/div>\n\n","protected":false},"excerpt":{"rendered":"<p>Relevant Policies, Regulations and Rules All personnel, including faculty, staff, and students, should be aware that research conducted at NC State is subject to the university&#8217;s policies. NC State owns&hellip;<\/p>\n","protected":false},"author":16,"featured_media":0,"parent":14610,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"source":"","ncst_custom_author":"","ncst_show_custom_author":false,"ncst_dynamicHeaderBlockName":"ncst\/default-header","ncst_dynamicHeaderData":"{\"pageIntro\":\"NC State University's Research Security Program is dedicated to protecting research while ensuring compliance with state and federal regulations. The program applies necessary controls while upholding the principles of academic freedom and the open exchange of scientific ideas. \"}","ncst_content_audit_freq":"","ncst_content_audit_date":"","ncst_content_audit_display":false,"ncst_backToTopFlag":"","footnotes":""},"tags":[],"class_list":["post-16446","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Research Security: Data Security and Management - Research Administration and Compliance<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/research-security\/research-security-data-security-and-management\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Research Security: Data Security and Management - Research Administration and Compliance\" \/>\n<meta property=\"og:description\" content=\"Relevant Policies, Regulations and Rules All personnel, including faculty, staff, and students, should be aware that research conducted at NC State is subject to the university&#8217;s policies. NC State owns&hellip;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/research-security\/research-security-data-security-and-management\/\" \/>\n<meta property=\"og:site_name\" content=\"Research Administration and Compliance\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-09T18:17:12+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/compliance\\\/research-compliance\\\/research-security\\\/research-security-data-security-and-management\\\/\",\"url\":\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/compliance\\\/research-compliance\\\/research-security\\\/research-security-data-security-and-management\\\/\",\"name\":\"Research Security: Data Security and Management - Research Administration and Compliance\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/#website\"},\"datePublished\":\"2025-08-27T15:35:09+00:00\",\"dateModified\":\"2025-09-09T18:17:12+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/compliance\\\/research-compliance\\\/research-security\\\/research-security-data-security-and-management\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/compliance\\\/research-compliance\\\/research-security\\\/research-security-data-security-and-management\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/compliance\\\/research-compliance\\\/research-security\\\/research-security-data-security-and-management\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Compliance\",\"item\":\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/compliance\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Research Compliance\",\"item\":\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/compliance\\\/research-compliance\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Research Security\u00a0\",\"item\":\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/compliance\\\/research-compliance\\\/research-security\\\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"Research Security: Data Security and Management\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/#website\",\"url\":\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/\",\"name\":\"Research Administration and Compliance\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/research.ncsu.edu\\\/administration\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Research Security: Data Security and Management - Research Administration and Compliance","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/research-security\/research-security-data-security-and-management\/","og_locale":"en_US","og_type":"article","og_title":"Research Security: Data Security and Management - Research Administration and Compliance","og_description":"Relevant Policies, Regulations and Rules All personnel, including faculty, staff, and students, should be aware that research conducted at NC State is subject to the university&#8217;s policies. NC State owns&hellip;","og_url":"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/research-security\/research-security-data-security-and-management\/","og_site_name":"Research Administration and Compliance","article_modified_time":"2025-09-09T18:17:12+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/research-security\/research-security-data-security-and-management\/","url":"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/research-security\/research-security-data-security-and-management\/","name":"Research Security: Data Security and Management - Research Administration and Compliance","isPartOf":{"@id":"https:\/\/research.ncsu.edu\/administration\/#website"},"datePublished":"2025-08-27T15:35:09+00:00","dateModified":"2025-09-09T18:17:12+00:00","breadcrumb":{"@id":"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/research-security\/research-security-data-security-and-management\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/research-security\/research-security-data-security-and-management\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/research-security\/research-security-data-security-and-management\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/research.ncsu.edu\/administration\/"},{"@type":"ListItem","position":2,"name":"Compliance","item":"https:\/\/research.ncsu.edu\/administration\/compliance\/"},{"@type":"ListItem","position":3,"name":"Research Compliance","item":"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/"},{"@type":"ListItem","position":4,"name":"Research Security\u00a0","item":"https:\/\/research.ncsu.edu\/administration\/compliance\/research-compliance\/research-security\/"},{"@type":"ListItem","position":5,"name":"Research Security: Data Security and Management"}]},{"@type":"WebSite","@id":"https:\/\/research.ncsu.edu\/administration\/#website","url":"https:\/\/research.ncsu.edu\/administration\/","name":"Research Administration and Compliance","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/research.ncsu.edu\/administration\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/research.ncsu.edu\/administration\/wp-json\/wp\/v2\/pages\/16446","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/research.ncsu.edu\/administration\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/research.ncsu.edu\/administration\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/research.ncsu.edu\/administration\/wp-json\/wp\/v2\/users\/16"}],"replies":[{"embeddable":true,"href":"https:\/\/research.ncsu.edu\/administration\/wp-json\/wp\/v2\/comments?post=16446"}],"version-history":[{"count":9,"href":"https:\/\/research.ncsu.edu\/administration\/wp-json\/wp\/v2\/pages\/16446\/revisions"}],"predecessor-version":[{"id":16680,"href":"https:\/\/research.ncsu.edu\/administration\/wp-json\/wp\/v2\/pages\/16446\/revisions\/16680"}],"up":[{"embeddable":true,"href":"https:\/\/research.ncsu.edu\/administration\/wp-json\/wp\/v2\/pages\/14610"}],"wp:attachment":[{"href":"https:\/\/research.ncsu.edu\/administration\/wp-json\/wp\/v2\/media?parent=16446"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/research.ncsu.edu\/administration\/wp-json\/wp\/v2\/tags?post=16446"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}