Starting today, we will cease all data work on P4 level data.
Did you just get a Wynton Protected account? If so, set the following switch to tailor the instructions on the website to Wynton Protected users:
Please see UCSF Policy 650-16 Addendum F, UCSF Data Classification Standard for more information regarding UCSF’s data classification standard:
If you either don’t have a Wynton HPC account or if you already have a Wynton account, but it is not authorized to use protected data:
link to actually request a Wynton Protected account
A link will be emailed to a Statement of Responsibility form that all users applying for Wynton Protected access must sign agreeing to the responsibilities of handling PII and/or PHI data, take the training in the handling of PII/PHI data, and keep the training up to date.
The Principal Investigator (PI) is responsible for all protected data
Additionally, the following rules apply to PIs using protected data on Wynton or approving users that use Wynton Protected:
The PI must notify Wynton of any approved users whose access needs to be removed or is no longer required
The PI must notify Wynton of any users who have transferred departments and no longer require access to study data
The PI must notify Wynton when departing UCSF and transfer to another UCSF owner or archive their projects and data
The PI is responsible for ensuring that any user added to a Wynton Protected project that requires IRB approval, is listed on the IRB
The PI is responsible for classifying and taking inventory of data within their Wynton Protected project
The PI must notify Wynton of any change in security requirements in research agreements to Wynton admins
Read and comply with the Wynton HPC User Agreement and Disclaimer
Abide by the statement of Wynton HPC Purpose, Principles and Governance
User end points (e.g. laptops and desktops) connecting to Wynton must meet UCSF Minimum Security Standards for Electronic Information Resources
Wynton Protected users must use Wynton Protected-specific nodes on Wynton;
login nodes: plog1.wynton.ucsf.edu
development nodes: pdev1 and pgpudev1
data-transfer nodes: pdt1.wynton.ucsf.edu and pdt2.wynton.ucsf.edu
Wynton Protected users must not use any of the Wynton Regular nodes on Wynton, including log1, log2, dev1, dev2, dev3, gpudev1, dt1, and dt2.
Data containing P3 must not be transferred to, mounted on, or processed with any Wynton HPC cluster resources outside of the PHI-designated /wynton/protected/ location. P4 data is prohibited.
Wynton Protected users must use data-transfer nodes pdt1 and pdt2 for all file transfers to and from the cluster, including when using Globus
If you have questions regarding the security status of your data, please contact the UCSF Privacy Office
Q. What if I want to share data between /wynton/protected/group/ (Wynton Protected) and /wynton/group/ (Wynton Regular) directories?
A. Users with Wynton Protected access still have access to /wynton/group/, as do Wynton Regular users. However, protected data should never be stored under /wynton/group/ and protected data should never be shared with a user who does not have Wynton Protected access.