Confidential or Sensitive Data on a Share
This article applies to: Shared File Services
Overview
HIPAA
Shared File Services can be used to store HIPAA data in compliance with the HIPAA Administrative Simplification Regulation Text.
HIPAA data storage must also meet the requirements for Confidential/High-risk (below).
Confidential/High-risk
Shared File Services can be used to store Confidential/high-risk data as defined by Cornell Policy 5.10, with the following limitations:
- CIFS shares from SFS may be configured to store Confidential/high-risk data as defined by Policy 5.10 Information Security.
- Note: Confidential/high-risk data is only allowed on specially configured shares.
- NFSv3 shares/exports which are Campus-facing are not allowed to store Confidential/high-risk data due to the lack of encryption on both the session-authentication and the data flow.
- Caveat: NFSv3 shares/exports which are only accessible by servers in the Extra Tier within CIT's Managed Servers service may receive ITSO approval for storage of confidential/high-risk data.
- PCI data storage is not allowed on SFS.
Sensitive information is not allowed in file names or directory names. The following example path links a person to their SSN, a credit card, and a driver’s license, and would not be allowed:
\\files.cornell.edu\CIT\Personnel\Fred-Burfle\SSN-123-45-6789\Corporate-VISA-0987654321\NY-Driver-License-ID-123-456-789.jpg
Requirements
As defined in Cornell Policy 5.10, there is a substantial set of requirements which must be fully met in order to store confidential/high-risk data on Shared File Services. While the service itself is configured to meet the “Baseline Requirements Specific to Application and File Servers,” the majority of the requirements are the responsibility and liability of the SFS customer to identify and meet.
A partial list of the requirements you must meet includes:
- Access to confidential/high-risk data is logged.
- Failed access attempts are logged.
- Quarterly, verify that only authorized accounts have access to confidential/high-risk data.
- Systems are scanned with a data discovery tool semiannually.
- Confidential/high-risk data is encrypted on any system not located on one of the Cornell campuses or other formal university location.
- Confidential/high-risk data is encrypted on any laptop, netbook, tablet, smart phone, PDA, or other mobile device.
- Confidential/high-risk data should be removed from file servers when it is no longer needed.
- Any system holding or accessing confidential/high-risk data that uses a wireless connection must use security equivalent to, or stronger than, Eduroam.
- The unit maintains an inventory of all systems holding confidential/high-risk data.
- The inventory is reviewed at least every six months.
- The unit inventory is filed with the local IT head and the unit Security Liaison.
- Workstations, desktops, laptops, and servers are included in this inventory.
- The inventory includes, or the unit is able to retrieve/derive, the following attributes: date of inclusion, date of last review, assigned user or administrator, role of assigned user and system, physical type of system, OS, hostname, IP, MAC, make/model/SN, Cornell asset tag, number of external drives, backup method.
Note: This is a partial list of requirements derived from the policies listed below.
When you order a share from SFS for confidential/high-risk data storage, you are electronically testifying that you have read, understood, and agree to comply with all pertinent Cornell policies regarding the storage of confidential/high-risk information. These policies include, but are not limited to:
- Policy 4.12, Data Stewardship and Custodianship
- Policy 5.10, Information Security
- Policy 5.3, Use of Escrowed Encryption
- Policy 5.4.2, Security Incidents
- HIPAA Administrative Simplification Regulation Text
For a variety of reasons, SFS confidential/high-risk shares are not intended to be used for Sensitive data that does not require the level of protection required by Cornell Policy 5.10. These reasons include:
- Ongoing Work: The security/auditing requirements in Cornell Policy 5.10 require substantial ongoing work by you. This work is reduced by using storage appropriately.
- System Resources & Expense: Auditing of confidential/high-risk data on SFS requires additional system resources, which correlate to the fees we charge. For this reason, the additional CIFS Audit Log shares are billed at a higher rate than standard shares.