Institutional Review Board Compliance and Data Security Overview

This document is a guide that outlines the compliance and data security measures implemented by Intellectus. It details the importance of data confidentiality and privacy protection, emphasizing the use of industry-standard security measures such as data encryption and role-based access controls. The guide explains compliance with regulatory standards, particularly regarding the handling of Protected Health Information (PHI) and the necessity for de-identification before data upload. It also covers the data retention and deletion policy, stating that user data is retained only as long as necessary and can be deleted upon request. The document describes the protocols for third-party data sharing and cloud storage, ensuring that all providers meet security standards. In addition, it presents the data breach and incident response plan, detailing steps for assessment, notification, and corrective actions. Lastly, it highlights user consent, data ownership, and best practices for researchers regarding data security and compliance.