Globus offers higher assurance levels for protected data, so subscribers can easily manage this data and share it securely and appropriately with collaborators.
Need to manage HIPAA-regulated data? Working with PII or CUI? No problem. Globus supports management of Protected Health Information (PHI) including data regulated by the Health Insurance Portability and Accountability Act (HIPAA), Personally Identifiable Information and Controlled Unclassified Information (CUI).
With higher assurance levels for managing restricted data, researchers can easily work with this data and share it securely and appropriately with collaborators, while meeting compliance requirements.
In addition, organizations have the option to enter into a Business Associate Agreement (BAA) with the University of Chicago, for written assurance that the data will be appropriately safeguarded by Globus in environments governed by HIPAA.
Key Features for Managing Protected Data:
- Multi-factor authentication and federated login, with OAuth2 based security
- High assurance policy that requires users to login with credentials from a specific identity provider (instead of a shared or linked identity)
- Re-authentication required after an administrator-configured timeout for continued protected data access
- Authentication and consents are tied to a specific instance of the application, ensuring that compromise of one application instance does not enable access to resources from another instance
- Fine-grained authorization for data access and sharing
- Authorization model that requires explicit grant of permissions
- Layered authorization combining local security governed by system administrator with permissions set by the user to control access to protected data.
- Enhanced stewardship capabilities through detailed audit trails that allow close monitoring of all data access and sharing
- Self-administered access and retention policies of audit logs, with ability to integrate into existing analysis tools
Data confidentiality, integrity, and availability
- Enforced encryption to ensure data privacy
- Data integrity verification can be performed after every transfer
- Secure, reliable, compliant operation of Globus services for use in regulated environments
Request pricing information
Access product documentation