Research data, particularly when containing information about human subjects or health information, may have to be anonymized or safeguarded in very specific ways in order to maintain privacy restrictions. Institutional library collections may also be subject to donor or data privacy restrictions that need to be accounted for. It is likely that every potential stakeholder involved in the process of data preservation will have some specific requirements for security and control, and it will be necessary to place privacy restrictions on data that may contain sensitive information. As custodians of information, librarians can take measures to keep data private such as building privacy policies and implementing security measures to safeguard against potential threats to research data.
The Family Educational Rights and Privacy Act (FERPA), Health Insurance Portability and Accountability Act (HIPAA), and Institutional Review Boards (IRBs) are the most commonly used federally mandated privacy policies. FERPA is a Federal law that protects the privacy of student education records; HIPAA is responsible for protecting the privacy of individually identifiable health information, and IRBs are used for the approval of research activities involving human subjects.