NIH Issues Reminder on Safeguarding Electronic Research Data
“Cybersecurity risks in biomedical research are continually evolving, threatening the integrity of our science and the public’s trust in our findings. It’s up to each one of us to mitigate these risks by staying vigilant, working together, and following the policies that are in place to protect our people and our science.” That’s the word from Michael Lauer, deputy director for extramural research, at the start of National Cybersecurity Awareness Month. In a post on his Open Mike blog, Lauer explained that NIH’s grants policy statement obligates awardees to safeguard “sensitive and confidential data as part of proper stewardship of federally funded research.”
This includes not keeping “sensitive and confidential information about NIH-supported work on portable electronic devices”; ensuring data are encrypted; implementing “proper controls to limit access to personally identifiable information”; transmitting data only “when the security of the systems on the other side is known”; and taking “all reasonable efforts to prevent sensitive personal information, such as that held within online systems at your home institution, from being inadvertently lost, released, or disclosed.” Organizations must comply with the Federal Information Security Act, which includes the perhaps “annoying” requirement to change passwords on NIH’s electronic Research Administration system every 120 days. “If you or your institution experiences an incident or breach, immediately report it to the NIH grants management specialist identified on your award and provide a copy of the report to your program official,” Lauer added.
Saying that all leaders in academic medicine—including within his own organization—“must step up and transform rhetoric into action,” David Skorton, president and CEO of the Association of American Medical Colleges, released the “AAMC Framework for Addressing and Eliminating Racism at the AAMC, in Academic Medicine, and Beyond.” Issued Oct. 6, the framework contains “four pillars of work that will guide the AAMC’s efforts ‘to create a shared vision of the AAMC and academic medicine institutions as diverse, equitable, inclusive, and anti-racist organizations.’” These address “individual self-reflection on systemic racismand its manifestations in the workplace and beyond” and anti-racism efforts within the AAMC, the academic medical community and the broader community. The framework, AAMC said, “is designed to guide and inspire the academic medicine community to begin addressing decades of structural racism within medicine.”
AAMC plans to hire an “outside consultant to guide staff; establishing diversity, equity, and inclusion advisors within the organization; examining hiring, retention, and advancement policies,” and will hold “staff accountable for racial inequities in the workplace.” It is collaborating with academic medical centers “to advance anti-racism efforts within medicine,” as well as “advocating for change around health inequities affecting vulnerable communities” and partnering with local community organizations to affect change in the Washington, D.C., region” where AAMC is based. “Like many of you, I have felt increasingly distraught by the ongoing and repeated incidents of police brutality against those in the Black community, and by the struggles of my Black friends, neighbors, and colleagues who suffer on a daily basis from the historically dehumanizing and damaging effects of structural racism,” said Skorton.