Where can I store my documents?
Cloud Services
Google Drive
Google Drive is online storage integrated with your other University Google applications. Save your work files to Drive and use Docs, Sheets, and Slides to edit them. You can share with co-workers and edit the same file at the same time, showing revisions and comments.
Drive accounts are hosted by Google and managed by UMD’s Division of IT. All rights and responsibilities established in the UMD Policy on the Acceptable Use of IT Resources apply to the Google Drive service.
Google products are compliant with the requirements of the Federal Risk and Authorization Management Program (FedRAMP). FedRAMP is the cloud security standard of the U.S. government. Google is authorized for use by federal agencies for data with a Moderate impact level and is classified as a Moderate (Level 2) service under the UMD Data Classification Standard. This means you can store data such as Non-PII Student Records and Personnel Records in Drive. It is also compliant with the U.S. Family Educational Rights and Privacy Act (FERPA).
However, the following kinds of data should NOT be stored in Google Drive:
High (Level 3) Information
Personally Identifiable Information (PII) as defined in Maryland Code, Commercial Law § 14-3501
Identifiable data elements that contain sensitive health information that are not otherwise subject to HIPAA
Restricted (Level 4) Information
Payment Card Industry Data Security Standard (PCI-DSS) Data
Controlled Unclassified Information (CUI)
Export-Controlled Data
Health Insurance Portability and Accountability Act (HIPAA) Data
As well as...
Federal Tax Information
Student Loan Application Information (GLBA)
Social Security Numbers
| Acceptable Data | Unacceptable Data |
|---|---|
| Data made freely available by public sources | Personally Identifiable Information (PII) as defined in Maryland Code, Commercial Law § 14-3501 |
| Published data | Identifiable data elements that contain sensitive health information that are not otherwise subject to HIPAA |
| Educational data | Credit Card or Payment Card Industry (PCI) |
| Initial and intermediate Research Data | Federal Information Security Management Act (FISMA) Data |
| Non-PII student records | Federal Tax Information |
| Personnel records | Gramm-Leach-Bliley Act(GLBA) |
| --- | Social Security Numbers |
| --- | US Export Controlled Data |
| --- | Protected health information governed by HIPAA |
Some things to take note of:
Faculty and staff users of this service should be aware of the limitations on the types of data that may be stored in a Google Drive account (see above).
Shared Drives are available for colleges/departments, student groups, and other groups affiliated with the university.
Because Drive is integrated with Google Mail, you can save attachments directly to Drive.
Box
Box is a cloud-based storage and collaboration system that provides a Web interface for uploading, downloading, sharing, and discussing files. Box is designed to work on Macs, PCs, smartphones, and tablets, so it gives you access to your files from just about anywhere.
UMD Box accounts are hosted by Box and managed by UMD’s Division of IT. All rights and responsibilities established in the UMD Policy on the Acceptable Use of IT Resources apply to the UMD Box service.
Box products are compliant with the requirements of the [Federal Risk and Authorization Management Program (FedRAMP)] (https://marketplace.fedramp.gov/). FedRAMP is the cloud security standard of the U.S. government. Box is authorized for use by federal agencies for data with a Moderate impact level but is a classified as a High (Level 3) service under the UMD Data Classification Standard. This means you can store data such as PII and Controlled Unclassified Information in Box. It is also compliant with the U.S. Family Educational Rights and Privacy Act (FERPA). However, the following kinds of data should NOT be stored in Box:
Restricted (Level 4) Information
Payment Card Industry Data Security Standard (PCI-DSS) Data
Controlled Unclassified Information (CUI)
Export-Controlled Data
Health Insurance Portability and Accountability Act (HIPAA) Data
As well as...
Federal Tax Information
Student Loan Application Information (GLBA)
Social Security Numbers
| Acceptable Data | Unacceptable Data |
|---|---|
| Data made freely available by public sources | Payment Card Industry Data Security Standard (PCI-DSS) Data |
| Published data | Controlled Unclassified Information (CUI) |
| Educational data | Federal Information Security Management Act (FISMA) Data |
| Initial and intermediate Research Data | Export-Controlled Data |
| Non-PII student records | Health Insurance Portability and Accountability Act (HIPAA) Data |
| Personnel records | Federal Tax Information |
| Personally Identifiable Information (PII) as defined in Maryland Code, Commercial Law § 14-3501 | Student Loan Application Information (GLBA) |
| Identifiable data elements that contain sensitive health information that are not otherwise subject to HIPAA | Social Security Numbers |
Some things to take note of:
Faculty and staff users of this service should be aware of the limitations on the types of data that may be stored in a Box account (see above).
Organizational accounts are also available for colleges/departments, student groups, and other groups affiliated with the university.
Creating a UMD Box account will share limited personal information (name and UMD email address) with members of the UMD community.
More Information Can Be Found Here
Updated on: 08/02/2022
Thank you!