The BioHPC team has been working closely with UTSW Information Security to enable the storage and analysis of HIPAA covered data on our systems. We have now been notified by Information Security that after review of the risks, the use of BioHPC for clinical data storage appears to be in line with HIPAA, state, and UTSW requirements.
If you wish to use BioHPC for storage / analysis of HIPAA covered data:
1. You must contact us at email@example.com before you begin, so that we can ensure we can discuss the control of access to the data, the way in which data will be shared, and make you aware of any risks you must address.
2. Note that the external git.biohpc.swmed.edu and cloud.biohpc.swmed.edu services must not be used to store or share HIPAA covered data.
3. Note that some internal systems (such as the beta version of the astrocyte workflow system) are not yet suitable for HIPAA covered data. Warnings will be added to the login page of systems that are not suitable for HIPAA data. We are working to add audit capabilities to these systems so that they can be used for HIPAA covered data in future.
In general, if you have any questions, or are uncertain how to proceed with the use of HIPAA covered data on our systems, please contact us at firstname.lastname@example.org before you begin work with the data.