Sensitive Data with Globus

Users are responsible for security and compliance related to sensitive code and/or data. Security and compliance are shared responsibilities. If you process or store sensitive university data, software, or libraries on your storage volume, you are responsible for understanding and adhering to any relevant legal, regulatory or contractual requirements.


  1. This service is for sensitive data only. Be advised that you should not move sensitive data off of this system, unless it is to another service or machine that has been approved for hosting the same types of sensitive data.
  2. It is your responsibility, not ARC’s, to be aware of and comply with all applicable laws, regulations, and universities policies (e.g., ITAR, EAR, HIPAA) as part of any research activity that may raise compliance issues under those laws. For assistance with export controlled research, contact the U-M Export Control Officer at For assistance with HIPAA-related computational research, contact the ARC liaison to the Medical School.
  3. Please review on a regular basis the export settings for sensitive data volumes.
  4. Please review on a regular basis any shares (Guest Collections) you may have made to ensure those collaborators should still have access.


Users using Globus Connect Personal (GCP) with sensitive data are required to enable that endpoint as Globus High Assurance (HA). This will require registering it with the campus Globus agreement.

  1. Select High Assurance when installing GCP
  2. Visit -> Collections -> Administered by You -> Select endpoint -> Edit Attributes
  3. Set Visible To Public (This is required until you hear back from ARC)
  4. Email your Endpoint UUID from the endpoint overview page

Leave a Reply