Google Apps Services Allowable Data Use

Use of cloud storage services offered by UC Santa Cruz must comply with applicable university and campus policies, notably policies relating to the protection of university data and the UC Electronic Communications Policy.

The University of California has a contract with Google. More information on UC Google Apps for Education contract.

The table below, which is based on the UC Santa Cruz Data Classification Standard and university negotiated agreements, helps you safeguard information for which the campus and you are a steward. Always employ due care when handling sensitive information.

Data Type

Allowed

Notes

ePHI and other health or medical information

No

May be subject to HIPAA and additional protections

SSNs, Passports, Drivers License

No

Financial Account Numbers (including Credit Cards)

No

May be subject to PCI-DSS regulations and additional protections

Export Controlled Data

No

Google Data Centers are worldwide

Logon Credentials

No

FERPA protected Student Records (non-health)

Yes

Does not include medical records or personal health information protected by FERPA

Personnel Records

Yes

Does not include personally identifiable information http://its.ucsc.edu/security/pii.html

Research Data

Yes

Data may have specific control requirements from sponsors, check before using.

Human or Animal Subject Information

TBD

Contact Office of Research Compliance Administration. Data may have specific control requirements, check before using.

Other P4 Data

No

Other P3 Data

Yes

Non-Confidential, Public Information

Yes

See http://infopractices.ucsc.edu/faqs/ for more on public information