Ask.Cyberinfrastructure

Best practices for compliance with requirements for private and/or personally identifiable data

What practices do groups adopt to ensure their systems are consistent with requirements for private and/or personally identifiable data?