The following is a brief comparison of secure online storage at the University of Nebraska and other online storage services.
1 = In restricted folders with access limited to only NU employees who have a need to know.
2 = With the review and approval of the Security office.
3 = HIPAA compliance includes business office practices in addition to secure storage. A person within the department of office must be responsible for HIPAA compliance.
4 = Requires IRB approval and sign-off
|Data Type||Public Data||FERPA||Confidential Data
(not covered by FERPA)
|Data Definition||Directory Information, any university information publicly available||Student Grades, Student class schedule, UIN, Advisor Student Notes, Financial Aid data. Note: Banner is the system of record for all academic data||Internal departmental information, non-public university information not covered by another category||Personal Health records, Health Insurance Data||(Institutional Data) SSN, Driver License Numbers, Passport Numbers, Biometrics, combinations of information used to identify an individual||Financial Aid, Customer financial transaction records||Credit Card Numbers, Bank Account and Routing Numbers||Standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services||The International Traffic in Arms Regulations (ITAR) is the United States regulation that controls the manufacture, sale, and distribution of defense and space-related articles and services as defined in the United States Munitions List (USML).|
|OneDrive for Business||Y||Y||Y||N||N||N||N||N||N|
|SharePoint||Y||Y||Y||Y, 1, 2, 3||Y, 1, 2||N||Y, 1, 2||N||N|
|ITS managed local storage||Y||Y||Y||N||Y, 1, 2||Y, 1, 2||N||N||N|
|Cloud hosted storage or archive storage (AWS/Azure)||Y||Y||Y||Y, 1, 2, 3||Y, 2||Y, 1, 2||Y, 1, 2||N||N|
|Microsoft GCC Low / AWS GovCloud||Y||Y||Y||Y, 1, 2, 3||Y, 2||Y, 1, 2||Y, 1, 2||Y, 2, 4||N|
|Microsoft GCC High||N||N||N||N||N||N||N||N||Y, 2, 4|