Privacy, Security & Prohibited Data
Privacy and Security
Google's commitment to providing a secure environment underpins OSU's decision to adopt Google as a cloud service provider. OSU's contract with Google stipulates that intellectual property rights in the data stored within the Core Apps (Mail, Calendar, Contacts, Drive, and Sites) remain with the customer (OSU doesn't grab ownership).
The data you place in Google should remain safe and secure, but there are certain data elements that are prohibited from being placed on Google due to state and federal regulations or OSU policy. They are:
- Export Control Data (EAR, ITAR), including:
- Manuscripts that need a sponsoring agency's prior approval before submission to a journal;
- Data or information gather on a grant or contract that has export control restrictions
- Health Insurance Policy Numbers
- Protected Health Information
- Personally Identifiable Information (PII), including:
- Social Security Numbers
- Credit Card Numbers
- Bank/Financial Account Numbers
- Driver's License Numbers
- Passport and Visa Numbers
Accounts and Sharing
All faculty, staff, and students will be provided access to Google Apps via their ONID account. These accounts may be used to conduct university business within the Google cloud.
When using Google services, it is up to you to determine who has access to the data you've placed there. Aside from the information listed above, there is information that is of a private nature and should only be shared with people within the University with a business need to know. One example of this would be student data.
Unless the information is of a public nature, do not share data with any account outside of University control, including your personal Google account. Personal accounts may not be used for University business.