for Grand Valley State University March 2010
CAUTIONS These services are not always secure in terms of protecting the data for which the university and its employees are liable for protecting. Posting information on one of these sites could violate FERPA, HIPAA, or other privacy protection laws for students and faculty. Other risks of storing data in cloud computing resources include but not limited to:
- disruptions of service
- loss of sensitive or confidential data
- unauthorized access or use of this data by the host service provider or unknown third parties
RULES and GUIDELINES
RULES The university expressly prohibits the use of Cloud Computing services in storing the following types of data unless specific contractual agreements are signed and approved by university legal counsel and information technology:
- Institutional confidential data (e.g., protected health information, academic records, etc.)
- Institutional business records
- Student, faculty and staff intellectual property
Please refer to the GVSU Secure Office Procedures posted on the www.gvsu.edu/it website under Policies for an explanation of protected data and guidelines that must be followed at GVSU.
GUIDELINES These guidelines are intended to assist individuals in making decisions on appropriate use of cloud computing resources.
GOOGLE APPS In February of 2009, GVSU signed an agreement with Google to use Google Apps Education Edition which includes contractual terms that ensure appropriate use and ownership of GVSU content. However, it is advised that content containing confidential data, intellectual data or university protected records should not be stored within Google applications.
OTHER CLOUD COMPUTING SERVICES The following guidelines should be used to determine whether cloud computing services are appropriate for specific purposes.
If you are uncertain if the data you are considering posting is protected data or are unsure about using cloud computing resources, please contact the Director of Information Technology for assistance, 616-331-2035 or firstname.lastname@example.org and/or the University Legal Counsel Office at 616-331-2067.
Page last modified March 10, 2011