Data Management, Security, and Ethics

As AI becomes more deeply integrated into sports performance, our responsibility to manage data ethically and securely is paramount. At the University of Florida, we’ve taken a deliberate, forward-thinking approach to building systems and protocols that prioritize privacy, informed consent, and the long-term well-being of our student-athletes. Rather than rushing to adopt emerging technologies without oversight, we are committed to establishing a strong foundation rooted in trust, transparency, and best practices. Our goal is to lead by example and set a national standard for how athletic data should be collected, protected, and used responsibly.

A cornerstone of our AI-Powered Athletics mission is the ethical, secure, and intentional management of sensitive athlete data. As the use of data-driven technologies in sports continues to grow, we are committed to setting the standard for responsible data practices – prioritizing privacy, security, and ethical integrity at every step.

To store and manage our databank of student-athlete information, we use HiPerGator, the University of Florida’s high-performance computing environment. HiPerGator supports research that falls under both HIPAA and FERPA guidelines and provides advanced protections for sensitive and regulated data. With robust encryption, access control, regular audits, and secure file transfer protocols, HiPerGator offers an environment that meets or exceeds national standards for research data security. Its infrastructure is designed to safeguard both health-related and academic records, which is essential for research involving student-athletes.

All student-athlete data in our system are stored securely with access limited to approved internal users. When data is shared externally for research purposes, it is de-identified to protect athlete privacy. In addition to these safeguards, any project requesting access to student-athlete data must go through multiple levels of review to ensure appropriate use, including:

Approval by the University of Florida Institutional Review Board (IRB) to ensure the protection of human subjects;
Internal review by a Data Governance Committee, which evaluates project intent and data access requirements;
Review by the UAA Research Sub-Committee, focused on alignment with team priorities and ethical use of data.

These steps reflect our proactive stance: we don’t just comply with data ethics – we lead in shaping what responsible AI-powered sports science looks like.

If you have questions about our approach or are interested in learning more, please reach out to us at aipoweredathletics@eng.ufl.edu.

FAQ

Is any personal or identifying information linked to the athlete data?

Identifiable information such as name, UFID, date of birth, and other relevant details are stored internally to support the effective management of the databank and ensure accurate tracking of student-athlete information over time. However, when data is shared externally for research, all data is de-identified to protect athlete privacy.

Who can access the data collected on athletes?

Access is strictly limited. Only approved researchers and staff – who have completed all required HIPAA and FERPA training – can access de-identified data. Every project must pass through the IRB and two internal review committees before gaining any access.

What protections are in place to keep the data secure?

We use HiPerGator, UF’s secure high-performance computing system. It meets HIPAA, FERPA, and HITRUST standards, with rigorous encryption, access control, and secure transfer protocols.