UW Privacy Office

Research Data Domain

Last updated on February 26, 2024

EAR: Export Administration Regulations

Last updated on February 26, 2024

Export Administration Regulations

Regulates technologies, commodities, and software that are considered ‘dual-use’. That is, the item and information may have a legitimate scientific or commercial purpose, the misuse of which could cause a threat to national security.

Enforcement Authority Bureau of Industry and Security, United States Department of Commerce
Subject Matter Expert(s) Jasmine Campbell
Situation Transfer of export-controlled information and/or items (e.g. technology, software, materials, or equipment) in or out of the University. Sharing of export-controlled information with foreign nationals, whether on campus, off-site, or abroad.
Data Types Research – Classified, Proprietary, and Restricted
Data Sets (and Population) Export Controlled Information
Website BIS – Commerce Control List

FISMA: Federal Information Security Management Act

Last updated on February 26, 2024

Federal Information Security Management Act of 2002

Requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.

Enforcement Authority United States Office of Management and Budget
Subject Matter Expert(s) n/a
Situation Grant/Contract requires FISMA compliance.
Data Types Research – Classified, Proprietary, and Restricted
Data Sets (and Population) n/a
Website CSRC – Federal Information Security Modernaization Act

Human Subjects: 21 CFR 50

Last updated on February 26, 2024

Food and Drug Administration Code of Federal Regulations

Outlines requirements for informed consent as well as additional safeguards for children.

Enforcement Authority Food and Drug Administration
Subject Matter Expert(s) Karen E Moe
Situation FDA regulated research.
Data Types
  • Children
  • Research – Human Subjects
Data Sets (and Population) n/a
Website US FDA – Code of Federal Regulations Title 21

Human Subjects: 45 CFR 46

Last updated on February 26, 2024

Protection of Human Subjects (Code of Federal Regulations Title 45 Part 46)

Applies to all research involving human subjects conducted, supported or otherwise subject to regulation by any federal department or agency which takes appropriate administrative action to make the policy applicable to such research.

Enforcement Authority Office for Human Subjects Protection, Health and Human Services and/or some Agencies funding research
Subject Matter Expert(s) Karen E Moe
Data Types Research – Human Subjects
Data Sets (and Population) n/a
Website HHS – 45 Code of Federal Regulations 46

Informed Consent: 28 CFR 46.117

Last updated on February 26, 2024

28 CFR 46.117 Documentation of Informed Consent

Enforcement Authority n/a
Subject Matter Expert(s) Karen E Moe
Data Types Research – Human Subjects
Data Sets (and Population) n/a
Website ECFR – Documentation of Informed Consent

IRB Criteria: 21 CFR 56

Last updated on February 26, 2024

Institutional Review Board Criteria – 21 CFR 56

Defines criteria for approval of research involving human subjects.

Enforcement Authority n/a
Subject Matter Expert(s) Karen E Moe
Data Types Research – Human Subjects
Data Sets (and Population) n/a
Website ECFR – Institutional Review Boards

ITAR: International Traffic and Arms Regulations

Last updated on February 26, 2024

International Traffic and Arms Regulations

Regulates technologies, products, and information that are inherently military in nature. The products and information controlled are referred to as “defense articles,” “defense services,” and “technical data.”

Enforcement Authority Department of State, Directorate of Defense Trade Controls
Subject Matter Expert(s) Jasmine Campbell
Situation Research has been identified as being military in nature.
Data Types Research – Classified, Proprietary, and Restricted
Data Sets (and Population) n/a
Website DOS – The International Traffic in Arms Regulations

NISP: National Industrial Security Program

Last updated on February 26, 2024

National Industrial Security Program

Executive Order 12829 established the National Industrial Security Program to achieve cost savings and to protect classified information held by contractors, licensees, and grantees of the United States Government. Executive Order 13526 established a uniform system for safeguarding, classifying, and declassifying national security information.

Enforcement Authority
  • Information Security Oversight Office
  • National Security Council
Subject Matter Expert(s) Ben Adams
Situation Grant or contract involves access to designated sensitive US Government information.
Data Types Research – Classified, Proprietary, and Restricted
Data Sets (and Population) National Security Information
Website

Prison Records: 28 CFR 512.11

Last updated on February 26, 2024

28 CFR 512.11 – Bureau of Prisons Records for Research

Enforcement Authority n/a
Subject Matter Expert(s) Karen E Moe
Data Types Research – Human Subjects
Data Sets (and Population) n/a
Website Bureau of Prisons (pdf)

Release of Records: RCW 42.48

Last updated on February 26, 2024

42.48 RCW – Release of Records for Research

Applies to the release of individually identifiable personal records for research purposes without the informed consent of the person.

Enforcement Authority Washington State Attorney General
Subject Matter Expert(s) Karen E Moe
Contact Email hsdinfo@uw.edu
Situation This RCW’s definition of Individually Identifiable is nebulous, therefor the OSP maintains a list of records and circumstances.
Data Types Research – Human Subjects
Data Sets (and Population) n/a
Website WSL – Chapter 42.48

Trade Sanctions

Last updated on February 26, 2024

Office of Foreign Assets Control – Sanctions Programs

Enforcement Authority US Dept of Treasury, Office of Foreign Assets Control
Subject Matter Expert(s) Jasmine Campbell
Situation OFAC produces a lists of countries, entities, and individuals with whom we may not do business.
Data Types Research – Classified, Proprietary, and Restricted
Data Sets (and Population)
  • National Industrial Security Program Information
  • National Security Information
Website US Treasury – Office of Foreign Assets Control