Skip to content

CHPC — Research Computing and Data Support for the University Community

Main Navigation

Background image with laptop keyboard and lock icon, representing cybersecurity

Lock iconManaging sensitive research data when using CHPC systems

We take this opportunity to remind our users about the importance of proper management and handling of data associated with projects running on CHPC systems. Users are responsible for understanding and complying with applicable university, state, and federal security, privacy, and compliance requirements associated with projects, datasets, and software.

Identifying the type of data you are working with and ensuring that data are stored and analyzed only in approved environments is critical.

  • University Rule 4-004C outlines data classification standards and corresponding security requirements.
  • CHPC's General Environment cannot be used for research involving sensitive or restricted data, including protected health information (PHI), personally identifiable information (PII), and other regulated data types.
    • Such projects must be conducted only in approved, secure environments that meet applicable compliance standards, including the CHPC Protected Environment for projects with PHI and PII, and CHPC's Citadel/Regulated Environment for projects requiring NIST SP 800-171 compliance (e.g., projects with NIH controlled-access data, including datsets like dbGaP).

CHPC users are also encouraged to consult the 2024 VPR memorandum on research security about security and compliance expectations for research conducted on their own devices and laboratory systems, as well as the Research Security Office's guidance on compliance with export control regulations and related research security requirements.

Please reach out to us at helpdesk@chpc.utah.edu if you have any questions or concerns about your data and projects running on CHPC systems.

Return to newsletterSubscribe to the CHPC mailing list for updates

Last Updated: 12/5/25