Data Security

Microsoft Teams is an effective and convenient tool for communication (i.e., calling, texting, video conferencing, and file sharing) and comes with free HIPAA compliant transcription. Please look at our New Policies to ensure professional relationships with Patients and Research Participants. 

Follow our guidance on securing your devices and use approved Data Storage and Research Apps


HIPAA Limited Data Sets or anonymized data (BU Data Classification – Confidential) can be processed on our Shared Computing Cluster (SCC4).  SCC staff or the data provider (e.g., BMC Clinical Data Warehouse) can help you limit the data to that allowed by law: dates (e.g., DOB, dates of treatment), city, and zip code.  All other identifiers, including email, phone, pic/video of face, medical record # must be removed or left on Restricted Use network drive (e.g., BUMC Y Drive, RU-NAS).     

A completely de-identified data set requires removal of all identifiers.  See U.S. Department of Health and Human Services, Office for Civil Rights guidance on de-identification.

  • If data is completely de-identified it is classified as Public Data.