Protecting Sensitive Data at Stanford
YOU are responsible for taking precautionary measures to protect any Stanford data you use, access, or share at Stanford.
Always ask these 3 questions protecting sensitive data at Stanford
- Is the data access approved and necessary?
- Only access data specifically required and approved for you to do your job. Access only the minimum amount of information that you need for your purpose.
- Are you using an approved service?
- Only use approved services for handling each type of data. Stanford provides approved services for working with our various data classifications, including protected health information (PHI), which is "High Risk PHI Data"
- Are you taking all needed security steps?
- Use all of the recommended and required security practices at Stanford. And never share High Risk Data with any non-Stanford persons or groups (including for research, publishing, or conferences) without all required approvals.
Review approved services by Stanford data classification at dataclass.stanford.edu
Find specific guidance at sensitivedata.stanford.edu
Download PDF for the Protecting Sensitive Data at Stanford Infographic
