...
Sensitive data (e.g., ePHI, PII, HIPAA, other restricted forms of data) must remain inside the KESC environment unless explicit permission to transfer data has been granted by the PI and a member of KESC Management.
If data is being sent to a subcontractor or other agent, additional contractual documents such as
a Data Use Agreement or Business Associate Agreement.Data may only be transferred into or out of ASRE KE Secure Cloud using approved methods such as Globus, SFTP, and similar authenticated, authorized, and encrypted methods.
...