Laws & Regulations

The definition and policies and procedures regarding restricted data can be found in the “Privacy Policy Manual” at under Policies & Procedures.

Regulations and laws that pertain to restricted data

  • ePHI (electronic protected health information) is regulated by the Health Insurance Portability and Availability Act (HIPAA) of 1996 with additional regulation by the Health Information Technology for Economic and Clinical Health (HITECH) act of 2009
  • The Family Educational Rights and Privacy Act (FERPA) of 1974 protects data about students, including grades
  • Social security numbers (SSN) are restricted data
  • Some intellectual property (IP) rights on information, software, papers or reports need to be protected, e.g. to ensure the possibility to file a patent.
  • International Trade of Arms Regulations (ITAR) specifies that certain types of information, including software and result files, cannot be exported to certain countries. Showing such information to a citizen of a foreign country is considered export.

HiPerGator meets the security and compliance requirements of the HITRUST standard

  • ePHI - You must adhere by the policies and follow the procedures.
  • FERPA - You must adhere by the policies and follow the procedures.

ResearchVault is approved for

  • ePHI
  • SSN
  • Intellectual Property (IP)
  • PII

Follow the policies and procedures.