A large and growing body of social science research uses personal information from research subjects—often collected in collaboration with non-academic partners like private enterprise, governments, or NGOs. Consideration of the complex data security obligations and obstacles that come along with academic/practitioner collaboration, however, has been piecemeal, and actual security practices vary widely from project to project. Identifying and implementing “good practices” depends on the scruples and best judgment of individual research teams because discipline-wide best practices are insuﬃciently consolidated. This essay makes three preliminary contributions toward the development of best practices. First, it proposes a general set of imperatives/obligations against which data security practices can be measured, and then identiﬁes the primary threats to fulﬁlling these obligations. Second, it elaborates on the particular threats to data security that come along with practitioner partnerships. Finally, it suggests a non-exhaustive range of data-security practices to address diﬀerent threats, and demonstrates in appendices how three oﬀ-the-shelf tools can be used to ameliorate threats to data security, especially in collaborative projects.