Stanford is committed to protecting the privacy of its students, alumni, faculty and staff, as well as protecting the confidentiality, integrity, and availability of information important to the University's mission.
Stanford has classified its information assets into risk-based categories for the purpose of determining who is allowed to access the information and what security precautions must be taken to protect it against unauthorized access.
As of May 2015, a new set of classifications has been established and is now in effect for Stanford data and systems: Low Risk, Moderate Risk, and High Risk. The former framework — Prohibited, Restricted, Confidential, and Unrestricted — was phased out in January 2016.
Special note to Stanford researchers: Except for regulated data such as Protected Health Information (PHI), Social Security Numbers (SSNs), and financial account numbers, research data and systems predominately fall into the Low Risk classification. Review the classification definitions and examples below to determine the appropriate risk level to apply. See Research Policy Handbook Section 1.10 for information security practices and guidelines specific to research computing systems.
In addition to understanding risk classifications, for Moderate and High Risk Data, be sure to take all necessary steps to protect sensitive data at Stanford.
Data and systems are classified as Low Risk if they are not considered to be Moderate or High Risk, and:
Data and systems are classified as Moderate Risk if they are not considered to be High Risk, and:
Data and systems are classified as High Risk if:
Use the examples below to determine which risk classification is appropriate for a particular type of data. When mixed data falls into multiple risk categories, use the highest risk classification across all.
View Minimum Security Standards: Endpoints
A server is defined as a host that provides a network accessible service.
View Minimum Security Standards: Servers
An application is defined as software running on a server that is network accessible.
View Minimum Security Standards: Applications
This table indicates which classifications of data are allowed on a selection of commonly used Stanford University IT services.
Stanford Service | Low Risk | Moderate Risk | High Risk: Non‑PHI | High Risk: PHI |
---|---|---|---|---|
Audio and Video Conferencing: Zoom and WebEx, Microsoft Teams IMPORTANT: Teams is only approved for PHI data with Cardinal Key. |
Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Backups: Backup and Recovery Service for Servers (BaRS) | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Backups: CrashPlanPROe | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Calendar: Office 365 | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Cardinal Fax | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Cardinal Print | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Cloud Infrastructure: Amazon Web Services, Microsoft Azure, Google Cloud Platform IMPORTANT: Only approved for High-Risk & PHI data with the provision set up by UIT, and configured and managed by a Stanford professional services team. (e.g. Stanford Research Computing or TCG) Only HIPAA-approved services allowed for PHI-containing cloud accounts. See GCP and AWS. |
Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Content Management: Stanford Domains | Approved for low risk data | Not approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Content Management: Drupal (Stanford Sites), WordPress | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Content Management: OpenText | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Not approved for high risk data |
Database Hosting: MySQL | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Document Management: Office 365 OneDrive, SharePoint IMPORTANT: Only approved for PHI data with Cardinal Key. |
Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Document Management: Medicine Box | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Document Management: Google Drive (including Shared Drives, Docs, Sheets, Slides, and Forms) IMPORTANT: Only approved for PHI data with Cardinal Key with Google Drive. |
Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Document Management: Google G Suite: All others (Photos, Jamboard, Sites, etc...) | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Electronic Data Capture (EDC): REDCap, Forte, REDCap Cloud Note: Compliant with Title 21 CFR Part 11. |
Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Electronic Signature: AdobeSign IMPORTANT: Only approved for PHI data with the system configuration set up by UIT. |
Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Electronic Signature: DocuSign | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Email: Google Mail, Office365 (with “Secure:” in subject line) | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Email: Google Mail, Office365 (without “Secure:” in subject line) | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Email: Other Departmental Systems | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Encryption: MDM Compliant Device, Stanford Device Registration Compliant Device | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Encryption: VLRE Compliant Device | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
File Storage: AFS, CIFS, NFS | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
File Storage: Secure AFS, Secure File Storage, Wasabi Cloud Storage | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
File Transfer: Globus | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Cardinal Voice Softphone | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Slack Messaging: Public Channels | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Slack Messaging: Direct Messages and invite-only channels | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Not approved for PHI data |
Issue Tracking: JIRA | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Not approved for PHI data |
Network Access Control: SUNAC | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Research Computing Clusters: Sherlock and SCG | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Research Computing Clusters: Nero and Carina IMPORTANT: A DRA review is required to introduce new research datasets. |
Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Research Computing Storage: Oak | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Research Dataset Collaboration: Redivis IMPORTANT: A DRA review is required to introduce new research datasets. |
Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
ServiceNow | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Shared Computing: FarmShare | Approved for low risk data | Approved for moderate risk data | Not approved for high risk data | Not approved for high risk data |
Smartsheet: Collaboration and Project Management | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Stanford Profiles: CAP | Approved for low risk data | Not approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Survey Tool: Qualtrics - University, SoM, and GSB instances | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Survey Tool: Qualtrics - All other instances | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Voice Messaging | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
VPN | Approved for low risk data | Approved for moderate risk data | Approved for general high risk data | Approved for PHI data |
Web Programming: CGI | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |
Wiki: Confluence | Approved for low risk data | Approved for moderate risk data | Not approved for general high risk data | Not approved for PHI data |