How do I host sensitive or restricted data in Box?
Storage of restricted data in Box is subject to review from Purdue's IT Security and Policy group (ITSP). Access may also require approval from campus offices and committees responsible for contractual compliance and research regulatory affairs.
Purdue’s managed Box environment can be used to store, de-identified data and limited data sets in scope of HIPAA for research. Fully identified data is subject to a security review and approval process.
All restricted data must be stored in a REED Folder. Do not use Box for an actual medical practice.
See the data map below for more details: