Google Apps Services Allowable Data Use
Use of cloud storage services offered by UC Santa Cruz must comply with applicable university and campus policies, notably policies relating to the protection of university data and the UC Electronic Communications Policy.
The University of California has a contract with Google. More information on UC Google Apps for Education contract.
The table below, which is based on the UC Santa Cruz Data Classification Standard and university negotiated agreements, helps you safeguard information for which the campus and you are a steward. Always employ due care when handling sensitive information.
Data Type |
Allowed |
Notes |
ePHI and other health or medical information |
No |
May be subject to HIPAA and additional protections |
SSNs, Passports, Drivers License |
No |
|
Financial Account Numbers (including Credit Cards) |
No |
May be subject to PCI-DSS regulations and additional protections |
Export Controlled Data |
No |
Google Data Centers are worldwide |
Logon Credentials |
No |
|
FERPA protected Student Records (non-health) |
Yes |
Does not include medical records or personal health information protected by FERPA |
Personnel Records |
Yes |
Does not include personally identifiable information http://its.ucsc.edu/security/pii.html |
Research Data |
Yes |
Data may have specific control requirements from sponsors, check before using. |
Human or Animal Subject Information |
TBD |
Contact Office of Research Compliance Administration. Data may have specific control requirements, check before using. |
Other P4 Data |
No |
|
Other P3 Data |
Yes |
|
Non-Confidential, Public Information |
Yes |
See http://infopractices.ucsc.edu/faqs/ for more on public information |