There are various types of data which require varying degrees of access controls and auditing in place in order for OSC to support it.
Health Insurance Portability and Accountability Act (HIPAA):
There are other facets to this term, but the most relevant is that it requires strict controls with regards to Protected Health Information (PHI) being stored. OSC does not currently support this type of data.
There are controls put in place by government relating to whether certain sensitive software or data can be shared with other countries.
International Traffic in Arms Regulation (ITAR):
Data relating to military use.
Export Arms Regulation (EAR):
All other export control items not classified under ITAR.
NIH Genomic Data Sharing Policy:
Even though this data is deidentified, there are controls that need to be maintained so that only authorized individuals can access the data.