COGR, representing over 220 U.S. research institutions, submitted comments to the National Telecommunications and Information Administration (NTIA) regarding the...
Privacy, Confidentiality & Data Security
Addresses federal requirements and practices for data integrity, privacy, confidentiality, and data security.
Featured
COGR Responds to USDOJ’s Notice of Proposed Rulemaking—Provisions Pertaining to Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons
COGR, representing over 220 U.S. research institutions, submitted comments on the Department of Justice’s proposed rule aimed at restricting access to U.S. sensitive...
UPDATED: Summary of Recent Significant Updates to the NIH Genomic Data Sharing Policy
This document summarizes significant recent updates to the NIH Genomic Data Sharing (GDS) Policy, focusing on new and stricter cybersecurity requirements and access...
Resources
Point of Contact
Krystal Toups
Director, Contracts & Grants Administration
All Privacy, Confidentiality & Data Security Articles
May 2025 COGR Update
The May 2025 COGR Update provides an overview of recent federal policy changes, regulatory actions, and litigation that are significantly reshaping research administration and compliance. COGR highlights challenges posed by new indirect cost caps, increased regulatory and reporting burdens, grant terminations, and evolving agency requirements—including those related to foreign subawards, public ac
COGR February 2025 Update
The February 2025 COGR Update provides a detailed account of significant regulatory, policy, and administrative changes impacting U.S. research institutions, driven largely by executive orders from the Administration that restrict DEI programs, roll back regulations, and alter research funding and compliance practices. It highlights widespread operational disruptions, legal challenges over reduced
Considerations for Cloud Computing - February 2020 Meeting
The document outlines a discussion by a cloud workgroup at the February 2020 COGR Meeting regarding the complexities research institutions face with cloud computing. The history section traces the evolution of cloud services from Amazon’s AWS debut in 2006 to key policy milestones and reports, highlighting the emergence of indirect cost (Facilities & Administrative, or F&A) considerations
The EU GDPR: Implications for U.S. Universities and Academic Medical Centers: February 2018 Meeting
This document provides a thorough analysis of the European Union’s General Data Protection Regulation (GDPR) and its implications for U.S. universities and academic medical centers (AMCs). With the GDPR’s enforcement from May 25, 2018, data privacy requirements have become more stringent and possess a notably broader extraterritorial reach compared to the previous Data Protection Directive. The re
June 2017 Presentation: Under Pressure Management Compliance
The document summarizes key points from a COGR (Council on Governmental Relations) meeting held in Washington, DC, focusing on the management, compliance, and costs associated with implementing NIST SP 800-171 standards at the University of Central Florida (UCF). It presents an overview of UCF's project portfolio related to these cybersecurity controls, noting significant growth between 2016
