120 Data Security Policies JOHNS HOPKINS UNIVERSITY Policy on Access and Retention of Research Data and Materials http://dms.data.jhu.edu/wp-content/uploads/sites/27/2016/08/JHUDataRetentionPolicy2008_ WithAppendices.pdf APPENDIX IV Approved Methods of Archival for Research Data 1. Requirements for the recording and storage of Research Data and material will vary by discipline. Primary Responsible Investigators should always adhere to guidance provided by funding bodies, professional guidance where available, any principles set out on the division level as well as the University’s recommendation as outlined below and in records management policies endorsed by the Chief Information Officer (CIO). 2. Research Data should be stored using a method that permits a complete retrospective audit if necessary. Unless ethical/professional/local or funding body guidance requires otherwise, Research Data should be archived in a durable form and in a secure location that is immune to subsequent tampering and falsification for a minimum period of 5 years after the date of any publication upon which it is based. It is recommended good practice that evidence for research based on clinical samples or relating to public health should be retained as required by the funding agency, federal laws, or other policies of the University.