Skip to main content
Learn about the PRDN

Learn about the PRDN

Duke Research Data Security The Protected Research Data Network provides a flexible and secure environment where researchers can securely access and analyze their restricted or sensitive data. Below are answers to some commonly asked questions about the PRDN.

 

 

When should I consider using the PRDN for my data?

Consider using the services of the Protected Research Data Network when you will be working with data (primary and/or secondary) that are classified as Sensitive or Restricted according to the Duke standard (such as data protected by HIPAA,  FERPA, or other regulations, human subjects research data, controlled unclassified information, and data protected under a data use agreement or similar contract). The PRDN can be used for both primary and secondary data analysis and storage.

The RDS team provides both technical and administrative support and can customize features specific to the user and data provider requirements. The RDS team sets up and manages this secure enclave in which you can store and analyze your sensitive or restricted project data. We can also help you with your documentation needs, including IRB protocol drafts, data use or data security agreements, and educational project agreements.

Who can use the PRDN services?

We support students, faculty, and academic program staff from departments, schools, and institutes across the Duke campus, including Economics, Political Science, Psychology & Neuroscience, Statistics, the Fuqua School of Business, the School of Law, the Sanford School of Public Policy, and the Duke Institute for Brain Sciences. We also support Duke Health staff and students working with third party data that is not from Duke Health.

Students in programs such as Data+, MIDS (Master in Interdisciplinary Data Science), and MQM (Master of Quantitative Management) also make use of the Research Data Security team services and the PRDN. 

What are the computational and storage capabilities of the PRDN?

We provide and support Windows and Linux virtual machines (VMs) in various sizes averaging 4-8 CPUs and 16-32 GB RAM. We offer GPU and high performance computing, and a wide assortment of quantitative and qualitative analytical tools. Custom sizes and configurations are also available.  Storage is hosted on the OIT’s storage space and is expandable to your needs from megabytes to terabytes.

I'm interested in talking to the Research Data Security team about using the PRDN. How do I begin?

The most efficient way to get started is to first tell us about your project using our survey. (You may also email us, call us, or even stop by any of our offices in Gross Hall). You don't need to have all the details of your project worked out, just fill in what you can and we will contact you to set up an initial planning meeting.

What kind of documentation do I need for my data?

It is important to understand and keep track of the various documents related to your data both before and after you begin working in the PRDN.

If you are analyzing existing (secondary) data about human subjects: The Campus or Health System IRB must review your research before it begins. Only the IRBs can determine if your project meets the requirements for conducting research with human subjects, approve your study activities, or declare them to be exempt from ongoing review. In general, use of secondary identifiable data will require a data use agreement with the data provider sufficient to comply with both Duke’s and the data provider’s requirements for protecting the data. That agreement will be reviewed as part of the IRB approval process.

If you are analyzing existing data that is not about human subjects but is Sensitive or Restricted by Duke's standard: Proprietary corporate data or government data are the most common examples of this data type. Various types of documentation and/or contracts may be required by the data providers. In general, use of these types of data will also require a data use agreement that is sufficient to comply with both Duke's and the data provider's requirements for protecting the data. The agreement will be signed by a Duke official (not by a PI, program manager, or other researcher).

If you are collecting your own identifiable data: The request for protocol approval requires different forms and informed consent, but the rules above still apply.

If you are using Duke Health data: While the PRDN can be used for all kinds of protected identifiable data, including PHI, Duke Health allows only de-identified Duke Health data to be transferred to the PRDN.

In all cases:

  • Changes to your study or data: The project approval documentation defines the purposes for which the data can be used by approved study team members. Changes to study team membership require IRB approval and may require the approval of the data provider as well. If both the DUA and IRB protocol need to be amended, the IRB should be amended first. Before adding new research questions or new data (even data that is publicly available), you also need to obtain appropriate approvals from the IRB and secondary data provider. Data use approval is study specific, so you must obtain approval to reuse the data from your data provider for another study or to change the research questions (or add additional data) in an existing study.
  • Keeping documents up to date: Data stored and analyzed in the PRDN must have current approvals. DUAs may be approved for a fixed period of time or for the duration of the project. IRB approval is for one year. Protocol renewals should be submitted 30-60 days before expiration.  In order to maintain access to PRDN resources, send us copies of your renewals before the previous documents expire.

 

Helpful tips for the PI or Data Manager

Actively Manage Collaboration and Dissemination

How you as the PI manage collaboration on papers and presentations depends on study requirements, team structure, your own preferences, and other factors. Establishing a required research flow process to support replication and dissemination of your results is an essential early step. For example, you might provide a controlled location (such as a Box folder) for research team members to deposit their work for your review. Configure it so that only you or select team members can remove items from that location. However you approach collaboration and dissemination, make sure that it allows you to identify and address any problems with the materials before they are submitted or presented.

Duke SSRI

Durham, NC 27708 | 919.681.6019

SSRI

Gross Hall, 2nd Floor
140 Science Drive
Durham, NC 27708

SSRI

Erwin Mill Building
2024 W. Main St.
Durham, NC 27705

Social Media

Follow @dukessri on twitter