Data has become the new currency—every type of data matters. Canadian research organizations and businesses focused on innovation possess and generate significant amounts of critical information, such as sensitive research data. However, higher education institutions face heightened exposure to cybersecurity risks. They operate like open environments where interactions and collaborations occur frequently among students, faculty members, researchers from various educational bodies, government entities, and commercial sectors.
These entities face threats from government-backed espionage activities and advanced ransomware assaults. The dangers posed to confidential research information and Canadian intellectual property (IP) have escalated unprecedentedly. Nevertheless, present methodologies for managing research data remain disjointed, thereby increasing vulnerability to major cybersecurity hazards.
The present condition of research data security resembles a piecemeal approach to managing risks.
A recently published survey from a well-regarded Canadian U15 university (whose name will remain undisclosed since this issue isn’t exclusive to one school) revealed that many lead researchers depend on unsafe techniques for managing confidential study information like student computers, laboratory servers, outside hard drives, and USB sticks.
Although convenient, such improvised methods often fall short of adhering to data security and privacy laws. Utilizing commercial cloud storage services without institutional supervision may introduce weaknesses that could result in data breaches, unauthorized access, and the potential loss of important research.
These practices are entirely unacceptable and insecure for handling significant research data.
A further challenge lies in the rapid evolution of research information security within higher education institutions, driven by stringent regulatory demands and directives from funding agencies. Despite this, even when universities' IT divisions offer protected storage spaces, these areas frequently struggle with enabling seamless external partnerships.
Research naturally spans globally, necessitating data exchange among various institutions, nations, and legal boundaries. Without standardized, expandable, and regulation-abiding research data management solutions, researchers end up navigating through organizational constraints, which amplifies potential security concerns.
This change is fundamentally altering the way IT organizations are addressing researcher support needs.
They are currently participating in a greater number of discussions about:
- What is the essence of the research, what data will be gathered, where does this information come from, and how will it be utilized or disseminated?
- What regulatory obligations must researchers adhere to?
- How can IT assist researchers effectively?
- What new services should they include in their lineup?
- What roles can vendors and solution providers play to support these changes?
Regulatory compliance is a growing burden on research institutions
The legal environment surrounding research data protection is intricate and constantly changing. Higher education institutions have to manage various regional regulations.
A few of the more readily identifiable ones include:
- HIPAA (Health Insurance Portability and Accountability Act, U.S.): Managing the safeguarding of health care research information.
- PHIPA (Personal Health Information Protection Act, Canada) Comparable to HIPAA, but tailored specifically for Ontario.
- The Personal Information Protection and Electronic Documents Act (PIPEDA), Canada: Regulating the usage and sharing of individual information across various industries
- GDPR (General Data Protection Regulation, EU) Regulating the safeguarding of personal information for EU citizens, impacting global research partnerships.
- NIST 800-171 (U.S.): Recently implemented for all federally financed research involving controlled unclassified information (CUI), this has considerably affected researchers who receive U.S. funding.
Given that educational institutions are already stretched thin when it comes to resources, their IT teams find it challenging to monitor and ensure adherence to the various regulations. Additionally, each field of study has distinct needs regarding how data should be managed. – biomedical research, social sciences, engineering and AI each generate distinct data sets with varying sensitivity levels and access control needs and collaboration requirements.
Given these complexities, expecting university IT to provide a one-size-fits-all solution is unrealistic.
A new approach leveraging Saas and blockchain for secure research c ollaboration
We believe the solution to these challenges lies in purpose-built, state-of-the-art SaaS platforms that prioritize cybersecurity, regulatory compliance and researcher-friendly usability and collaboration.
myLaminin is at the forefront of this movement, offering a secure RDM platform specifically designed with and for principal investigators (PIs) to meet the needs of modern research. Some notable platform highlights include:
Strong teamwork and contract administration: The capability to effortlessly work alongside international teammates while upholding data sovereignty and accuracy, along with an incorporated electronic signature feature for managing intellectual property, data sharing, publications, or non-disclosure agreements.
End-to-end encryption along with role-based access control: Sensitive research information needs to be encrypted during transmission and when stored. MyLaminin employs robust encryption methods and adopts a zero-trust architecture (ZTA) to guarantee that only approved persons can view this data.
Interjurisdictional adherence and automated oversight: MyLaminin is designed to comply with regulations such as PIPEDA, GDPR, HIPAA, PHIPA, and NIST 800-171, along with various others. Through integrated automation for monitoring compliance and enforcing policies, this system alleviates the regulatory load from both IT teams and researchers.
Robust data repository management: A versatile research data repository offering functionalities for uploading, downloading, conducting analyses, and collaboratively editing documents, which supports both cloud-based and on-site storage solutions.
Blockchain for data integrity and provenance: Blockchain technology enables immutable records of research data transactions, ensuring transparency, reproducibility and auditability. This is crucial to maintaining the credibility of research findings in journal articles and preventing data manipulation or theft.
AI-driven compliance monitoring and cloud architecture: Our compliance tracking software monitors our adherence to various security frameworks and delivers real-time notifications to assist institutions in staying ahead of regulatory changes.
Effortless worldwide teamwork without sacrificing security: MyLaminin's platform facilitates collaboration between different institutions and countries while keeping sensitive research data protected. It allows for managed and trackable access to information across various legal boundaries, thereby assisting researchers in working together effortlessly without breaching data sovereignty.
Comprehensive data gathering (eSurvey) and research ethics committee (REB) components: Assess capabilities for collecting both traditional and longitudinal data, ensuring support for Protected Health Information (PHI), medical terminologies, various time zones, and participant consent forms. Additionally, include an REB module that offers flexibility and accommodates institutional-specific forms and processes.
Enhancing Canada’s Research Security Position
Cybersecurity isn’t merely a technological hurdle; it’s an essential component for fostering ethical research, driving innovations, and enhancing international market position. Educational establishments should implement contemporary, adaptable strategies to safeguard their scholars, finances, and proprietary knowledge.
At myLaminin, we hold the belief that secure, compliant, scalable, and accessible Research Data Management (RDM) is crucial for maintaining Canada’s position at the forefront of innovation. By utilizing advanced technologies such as blockchain, we provide a cutting-edge RDM solution designed to protect confidential research data while fostering greater collaboration within today’s intricate regulatory landscape.
The future of Canadian research depends on adopting advanced cybersecurity measures and purpose-built RDM solutions. With myLaminin, institutions can confidently transition from the practices of the early 2000s to ensure their research activities are secure, ethical and globally impactful.
Ash Bassili serves as the CEO of myLaminin with a dedication to aiding researchers in speeding up the pace of innovation. Learn more here: https://www.mylaminin.net
This part is energized by Revenue Dynamix Revenue Dynamix offers cutting-edge marketing solutions tailored to assist IT professionals and companies succeed within the Canadian marketplace. They provide valuable insights and tactics that foster expansion and achievement throughout all sectors of enterprise IT.