The Virginia-HSD Qualtrics Research Suite website is intended for use to collect data that is considered highly sensitive data as defined by Data Protection Policy
. Such data is any personal information that can lead to identity theft if exposed and health information that reveals an individual’s health condition and/or history of health services use. Examples include data protected by HIPAA regulations, social security numbers, and driver’s license numbers.
All data in the Virginia-HSD Qualtrics Research portal must be treated as highly sensitive data. Data and results exported from the Virginia-HSD Qualtrics Research Suite must be protected and managed appropriately according to UVA’s Data Protection standards and procedures
. Guidance regarding these guidelines and data types is available from UVa Information Security, Policy, and Records Office (ISPRO) by emailing IT-Security@virginia.edu
Data specifically NOT permitted to be collected or stored on the Virginia HSD Qualtrics Research portal
: export controlled data (e.g., ITAR), data covered by FISMA or DFARS 252.204-7012, credit card or other data containing financial account information (e.g., bank account). The Virginia-HSD Qualtrics Research portal is not configured to meet the controls required for these type data. You are responsible for ensuring that the Virginia-HSD Qualtrics Research portal is an appropriate environment for the data and is urged to contact Information Security, Policy, and Records Office (ISPRO) at IT-Security@virginia.edu
for assistance in making this determination.