Managing Private Information
NERSC takes seriously the responsibility to protect the information it is entrusted with. However, there are certain kinds of information That must not be stored on NERSC user systems because its' protection would require costly and burdensome security controls. This data includes:
- Classified Information: Information to which access is restricted by law or regulation to those holding a formal security clearance.
- Personally Identifiable Information: Including Social Security Numbers, bank account, or credit card information.
- Health Information: Including that which is protected by HIPAA (Health Insurance Portability and Accountability Act).
- Information protected by contract: Information agreed to be protected as part of a CRADA, non-disclosure agreement, or WFO agreement, or proprietary contractual information.
- Prudent to Protect Information: Other information that should not be exposed to the general public, such as specific information that relates to the physical or cyber security of NERSC, or to the operation of key safety or financial systems.