Official US Government Icon

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure Site Icon

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Data Security Overview

 

The Secure Data Commons (SDC) platform stores and analyzes sensitive data with fine-grained secured access controls and secured data export processes.

Security Posture

SDC inherits DOT Enterprise Cloud security controls, monitoring services, and polices related to network, encryption, access, etc. The platform is classified at the Moderate sensitivity level, which requires safeguarding data that may include personally identifiable information (PII) and confidential business information (CBI). It is configured with comprehensive audit logging to monitor actions SDC cloud resources to reduce security and operational risk. SDC offers authorized and controlled access to individual datasets and the metadata associated with those datasets.

Security Services and Controls

SDC is configured to encrypt data in transit (HTTPS, SSH) and at rest, using 256-bit Advanced Encryption Standard (AES-256). User access is constrained by Identity Access Management (IAM) roles assigned to users’ workstation and implementation of database user permissions. Data cannot leave the platform without approval from the Research Project’s Data Steward.

How We Protect Your Research Data

Each Data Provider signs a Data Agreement that provides rules for sharing metadata and handling data. The SDC team also works with each project team to document and secure PII and CBI data within the platform. SDC has implemented processes to export secure data out of the SDC so that Researchers can export data based on the compliance and data usage policies set forth and approved by the Data Provider.  Once an export request has been submitted, the request will be sent to the appropriate Data Steward. Data Stewards are responsible for accepting or rejecting the export requests for researchers so that they are able to get their data products out of the SDC system.

For information on Exporting Data Out of SDC, please see:

Data Provider Guide: Chapter 5, Exporting Data Out of SDC

Research Team Guide: Chapter 4, Exporting Datasets from the SDC

For more information on SDC, please see SDC Capabilities (pdf).

For more information on  SDC Security Capabilities, please see SDC Data Security (pdf).

Last updated November 2022