Cloud storage is physical servers and environments owned and managed by a hosting company. Placing data into such services entails many risk factors such as
- How do you know who has access to the research data
- How do you ensure only those authorized to access the data have access to it
- How do you know the cloud provider will deny access to your research data
- Data in cloud are the most susceptible to being hacked without security measures in place
Vendors outside of UW-Madison such as Google Suite, Amazon Azure, and Drop Box are not approved storage solutions for DOM research data.
DOM IT has several technical solutions to meet research needs and the ability to create new technical solutions that are secure and managed locally, contact DOM IT for further assistance.
If cloud solutions are still necessary, contact DOM IT to assist with evaluating vendor services such as cloud data storage and software procurement. DOM IT will work with SMPH Director of Cybersecurity and the UW-Madison Office of Cybersecurity to review technical controls with vendors and arrange for a business associates agreement if approved.
Important note about working with Protected Health Information (PHI): G Suite should not be used by UW-Madison faculty, staff, and students interacting with electronic PHI protected by HIPAA regulations. If you are a part of the UW-Madison Health Care Component, contact your HIPAA Privacy or Security Coordinator with questions about the applications best suited for creating, storing, and sharing PHI.