Lehigh Google Apps: Best practices for data security

Lehigh and Google have negotiated contractual terms and conditions that protect the privacy and confidentiality of university student, faculty, and staff data in the Lehigh Google Apps suite of services. The contract ensures that we continue to own our data; that Google will not share this data; and that Google will not datamine for commercial purposes. Google will keep our data in perpetuity, delete it when requested, and will not display advertisements within the suite of Core Apps. For an explanation of Google’s privacy and security policies, see:

• Google Apps for Education: Security and Privacy
• Google Privacy Center: Transparency and Choice

Under these terms, you can use Google Apps to conduct university activities that are aligned with your role at the university.

Sensitive Data at Lehigh

Lehigh classifies sensitive data into types and provides guidelines for safe handling of this data. The sections below discuss sensitive data and Google Apps. If you have questions, contact LTS security specialists at at security@lehigh.edu. Read these relevant policies:

• University Cloud Policy
• Lehigh University Services Guide for Data Storage, Processing, and Transmission
• Privacy policy
• Copyright Compliance
• Classification of Data policy and Classification of Data Table
• Use of computer systems and facilities

Email is not secure

Email is an unsecured medium for sharing sensitive information. Lehigh has enabled and enforced data encryption in transit for all email going to or being read via the Lehigh Google Apps service either by the Web browser (HTTPS) or via IMAP clients (SSL). However, the recipient’s email service may not retrieve the information via a secure channel. Think of email as communicating via postcard -- it offers little in the way of security or privacy.

Google Apps and sensitive data

The following paragraphs provide information about some common types, or classifications, of Lehigh data, and storage on Google Apps (e.g., Drive). Briefly though, these types of data should never be stored in Lehigh Google Apps or stored or transmitted via email. To view detailed policies on handling of sensitive data, view the Classification of Data Tables.:

• Family Educational Rights and Privacy Act (FERPA) Data. The Family Educational Rights and Privacy Act (FERPA) is a federal law that protects the privacy of student education records. Per Lehigh’s data classification policy, FERPA-protected records (and other confidential information “stored in an encrypted form within the personal network (LAN) file space of the individual and must not be backed up to a cloud storage service.”
• Personally-identifiable Information (PII). Personal identifiers, including Social Security, tax identification, driver’s license, and bank account numbers, listed in the Breach of Personal Information Notification Act, as well as other legally confidential data, are protected information.
• Financial Information (payment/credit card information). Pursuant to federal laws, Lehigh has a duty to safeguard every type of nonpublic, personally identifiable financial information. In addition, Lehigh must protect payment/credit card data and related account information. Examples include information provided on an application for a credit card, payment history, and account balance information.
• Health Insurance Portability Accountability Act (HIPAA) and Protected Health Information (PHI). Individually-identifiable health information is legally protected by Federal HIPAA Privacy and Security laws as well as Pennsylvania laws related to medical record confidentiality.
• Export-controlled and other sensitive information. The United States’ export control laws forbid the unlicensed transmission of controlled items, software, and information to certain countries. These export control laws apply to controlled items even when transmitted primarily for storage or for further transmission purposes. It can be a federal crime to share export-controlled information with collaborators who are not United States citizens or permanent United States residents.
• Human subjects data. Human subjects data is classified as Class II restricted information at Lehigh.
• Intellectual property. Lehigh Google Apps users can invite other Google Apps users (and non-users), both within the university and outside the university, to view data, co-edit documents, and use other collaboration tools. It is the responsibility of each user to ensure that appropriate sharing controls are used in order to protect Lehigh’s intellectual property or third party confidential proprietary information provided to the university under contractual terms requiring non-disclosure.
  

  Accidental loss of data

  LTS can restore email that is lost or deleted. However, any document/file deleted from Google Apps cannot be restored by Google or Lehigh University. Data that is critical to the operations of the University should not be stored in Google Apps.

  Continuity of departmental data

  When selecting a data storage method, consider continuity of important data during staffing transitions, such as terminations, retirements, promotions, or transfers. Files that are important to the department should be stored on departmental accounts or on drives that are backed up and that can be maintained as individuals leave the university or leave positions in your department. When an individual leaves Lehigh, his/her computing account and the Google Apps account is locked and deleted, including files stored on Google Drive, Sites, Calendar information, etc. Plan for transferring ownership of files in the event that a staff member leaves.