1. Data Confidentiality & Privacy Protection Intellectus prioritizes data confidentialityand employs industry-standard security measures to protect sensitive and personallyidentifiable information (PII). Data encryption is applied both in transit (using TLS 1.2+)and at rest to safeguard against unauthorized access. Role-based access controlsensure that only authorized personnel can access user data.
2. Compliance with Regulatory Standards While Intellectus is not specificallydesigned for storing Protected Health Information (PHI), we align with best practices forde-identification as outlined in the HIPAA Privacy Rule. Researchers are advised to deidentify PHI before uploading data.
3. Data Retention & Deletion Policy Intellectus retains user data only as long asnecessary to provide services. Users may request deletion of their data at any time bycontacting support. Automatic data purging occurs based on established retentionpolicies, ensuring that outdated or unnecessary data is securely removed.
4. Third-Party Data Sharing & Cloud Storage Intellectus engages third-party serviceproviders for infrastructure, IT services, and analytics. All third-party providers are vettedto meet industry security standards. User data is never used to train third-party AImodels. Additionally, all data is stored in secure, geographically distributed data centerswith strict access controls.
5. Data Breach & Incident Response Plan In the event of a data breach, Intellectusfollows a structured incident response plan, including:
• Immediate assessment and containment of the breach.
• Notification of affected users within legally required timeframes.
• Coordination with relevant regulatory bodies and cybersecurity experts tomitigate risks.
• Implementation of corrective actions to prevent future incidents.
6. User Consent & Data Ownership Users maintain full ownership of their uploadeddata. Intellectus does not claim rights over user research data and does not use usergenerated content for purposes beyond service delivery. Researchers are encouragedto obtain informed consent from study participants before storing data on the platform.
7. Anonymization & De-Identification To enhance security, Intellectus recommendsde-identification of sensitive datasets before uploading. Users should remove directidentifiers (e.g., names, social security numbers) and apply anonymization techniqueswhere applicable. Researchers can leverage guidance from regulatory bodies to ensurecompliance with data protection standards.
8. Use of Large Language Models (LLMs) Intellectus integrates LLMs for enhanceduser experience, including natural language processing and analytical support. Userdata processed by LLMs is not stored or used for model training. All interactions aresubject to strict security protocols to prevent exposure of sensitive information.
9. Researcher Responsibilities & Best Practices
• Ensure proper de-identification of sensitive data before upload.
• Adhere to IRB and institutional data security policies.
• Regularly review and manage stored data to minimize security risks.
• Utilize strong authentication and access controls for research team members.
For additional questions regarding IRB compliance and data security, please contact:info@intellectus360.com
