Resource category : Regulated Research

A controlled and authorized computing environment to support UCF researchers and staff with federal cybersecurity requirements for handling Controlled Unclassified Information (CUI). The environment meets the National Institute of Standards and Technology (NIST) Special Publication 800-171, the Defense Federal Acquisition Regulation Supplement (DFARS) 252.204.7012 and may potentially be used by projects requiring compliance with the FISMA Act of 2014 and HIPAA/HITECH Security Rule.

Researchers working with federal data, For Official Use Only (FOUO)/Controlled Unclassified Information (CUI) or have federal data requirements (DFARS 252.204-7012, FISMA, etc.) can work with Office of Research Cyber Risk Management (OCRM) for their project’s environment assessment, System Security Plan (SSP) and Plan of Action & Milestones (POA&M).

The privacy and protection of personal information are considered a fundamental right and therefore must be protected. Confidential information involving the university, often falling into the categories of highly restricted or restricted data, must also be protected. UCF is dedicated in the safe and appropriate handling and processing of personal data in research.

UCF Information Security Office has provided guidance for approved storage to meet the requirements for handling and protecting Restricted Data such as Personally Identifiable Information (PII) and Highly Restricted Data such as Protected Health Information (PHI), Controlled Unclassified Information (CUI). If you have any questions, please contact us.