Privacy and Research Information Management Systems

Abstract

ABSTRACT This article is a case study of privacy considerations in the adoption of a Research Information Management (RIM) System. RIM Systems collect, store, and link together metadata for research, service, grants, and teaching activities. Sometimes called Current Research Information Systems (CRIS) or Faculty Activity Reporting (FAR), these systems enable institutions to collect data from different internal systems and combine it with external information, providing a more holistic perspective on university activity. They provide a single, authoritative source of this data and allow for multiple stakeholders (i.e. faculty, administration, IT, HR, library, communications) to query, analyze, download, visualize, and share it. Oklahoma State University (OSU) recently adopted a RIM System, which is being implemented and supported by the OSU Libraries. A defining factor in the decision making process for product selection was how each system addressed issues around privacy. This case study will review some of the central data privacy considerations at play in the adoption of RIM Systems at both the institutional and individual level. This will include data sharing, ownership, retention, right to reuse data, data deletion obligations upon contract termination, user access to privacy policies, and user data controls. Questions to ask before adoption, key institutional players in discussions of privacy, and issues that may arise after adoption of a Research Information Management System will also be addressed.