UC San Diego SearchMenu

G Suite: Protected Data Usage Guidelines

Find guidelines for using protected data in G Suite (formerly Google Apps).

Useful Resources:

Data type Data use guidance Additional information Contact
Credit card (PCI-DSS) Not permitted Credit card data may not be collected or stored at UCSD. See: Junni Liu jul019@ucsd.edu
Export control Not permitted   Export Control Office
Electronic Protected Health Information (ePHI) subject to HIPAA Not permitted HIPAA requirements are quite complex. Please consult with the Health Sciences Security Office or the campus Office of Information Assurance Office of Information Assurance, Health Sciences Security Office
Human subject research Consult Consult with the Human Research Protections Program. Additional consulting is available from the campus and Health Sciences security offices Human Research Protections Program; Office of Information Assurance, Health Sciences Security Office
Intellectual property Consult Consult with appropriate UC location authority (e.g., Office of Innovation and Commercialization, Office of Research Affairs, campus counsel) Office of Innovation and Commericialization
IT security information (e.g., administrative passwords, network diagrams) Permitted Note that passwords may never be stored. If you need to share a credential, use the free campus LastPass service
Other sensitive institutional info (e.g., fundraising, attorney/ client privileges) Permitted Certain types of information may not be appropriate for storage in GSuite, consult with data proprietor and appropriate UC location authority (e.g., privacy official, development office, campus counsel, information security officer) if you are unsure Office of Information Assurance
Personally Identifiable Information (PII) Permitted Note that data can be inappropriately shared in GSuite. If you are unfamiliar with securing data in GSuite, consult with the Office of Information Assurance. Office of Information Assurance
Public information Permitted
Research data Permitted GSuite is appropriate for most research data. However certain classes of data require additional protections in order to meet Federal security requirements. Consult with the Office of Information Assurance or the Health Sciences Security Office &/or the Research Integrity Office if you believe your data may fall into this category Office of Information Assurance, Health Sciences Security Office.
Animal general (non-humanoid subject research) Not permitted Consult with data proprietor and UC location office of research IACUC
Student education records (FERPA) Permitted Excluding student health records. Consult with data proprietor and UC location authority Registrar's Office