Protected Data Storage

Resource Icon: OSC Protected Data Storage

OSC's Protected Data Storage (PDS) is designed to address the most common security control requirements encountered by researchers while also reducing the workload on individual PIs and research teams to satisfy these requirements.

Protected Data at OSC

The OSC cybersecurity program is based upon the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Revision 4 requirements for security, and reflects the additional requirements of established Information Technology (IT) security practices.

OSC currently supports the following protected data types.

  • Health Insurance Portability and Accountability Act (HIPAA)
  • Export Control data
    • International Traffic in Arms Regulations (ITAR)
    • Export Administration Regulations (EAR)
  • Personally Identifiable Information (PII) / Personal Health Information (PHI)
  • Research Health Information (RHI)
  • Proprietary Data

If you need support for a data type that is not listed, please contact OSC Help to discuss.

OSC only provides support for unclassified data processing, regardless of the specific category of that information. No support for data classified at secret or above is provided, and researchers should not, under any circumstance, transfer such data to OSC systems.

Getting started with the Protected Data Service at OSC

OSC's PDS was developed with the intent of meeting the security control requirements of your research agreements and to eliminate the burden placed on PIs who would otherwise be required to maintain their own compliance infrastructure with certification and reporting requirements.

In order to begin a project at OSC with data protection requirements, please follow these steps:

Contact OSC

Send an email to oschelp@osc.edu and describe the project's data requirements.

Consultation

You will hear back from OSC to set up an initial consultation to discuss your project and your data. Based on your project and the data being used, we will request the necessary documentation (data use agreements, BAA, MOU, etc).

Approval

Once OSC receives the necessary documentation, the request to store data on the PDS will be reviewed, and if appropriate, approved.

Get started

Once OSC receives the necessary documentation, the request to store data on the PDS will be reviewed, and if appropriate, approved.

Please visit the getting started documentation for starting research at OSC and the various other pages regarding protected data, including: