OneDrive and FERPA/GLBA/HIPAA

 

LETU OneDrive is approved to store Confidential and Unrestricted data but not Restricted data. Important information below.

  • The LETU Data Classification Policy Classifies data as Restricted, Confidential and Unrestricted. Definitions of those terms are in Policy 6.2 Data Classification which all LETU Faculty/Staff are responsible for being familiar with. For convenience - a summary of these data classifications is below, however for complete guidance see policy 6.2.

  • LETU OneDrive has been approved to store Unrestricted data without restriction. Confidential data may be stored on OneDrive with the provisions below. Restricted data may not be stored on OneDrive (or MyDocuments) under any circumstances and must be limited to secure LETU databases and back-end systems designed for securely holding such data.

  • LETU-related Data should not be stored directly on a  personal computer under any circumstances. Unrestricted LETU data may be stored in OneDrive and synced to personal computers if they automatically lock and require a password on inactivity and regularly receive automatic security updates.
     

    • Important:
      • Only LETU OneDrive is approved, not the consumer (personal) version of OneDrive.
      • To properly protect sensitive information, you must understand OneDrive security and set it up correctly. Continue reading to learn how.
      • If you are not comfortable configuring OneDrive sharing and security you are not permitted to store Confidential data in OneDrive.
      • OneDrive allows you to automatically sync your files across multiple devices. This means that sensitive data could inadvertently end up on an insecure machine. If you are going to put Confidential data on OneDrive, you are required to prevent it from syncing locally to non-LETU owned devices. Using the instructions below you can configure directories containing Confidential data to not-sync and be available only on-demand. Any device you sync Confidential data to must be LETU-owned, encrypted, require a password and otherwise meet minimum LETU security requirements.
      • If you are unclear on whether student data you are putting in OneDrive is allowed, you should assume it is not until you can consult your supervisor.

Manage who can view or edit your OneDrive files

By default, only you can access the files on your OneDrive–you and anyone that can access that device. When you share files, it is important you understand how you’re doing so, avoiding accidentally giving people inappropriate access to sensitive information. To do this you can use a number of different interfaces including the web version of OneDrive or the local OneDrive client. To do this on the web version of oneDrive:

  1. Go to OneDrive and sign in to your account.
  2. Right-click the folder or files you want to share, and click Share.
    Screen shot showing file sharing options
    • Important: if you are sharing a folder you are also sharing any sub folder in that directory. Consider limiting sharing capabilities to folders that contain only information you intend to let others view.
       
  3. Enter the names of the people you want to share with and a message, if you want.
    onedrive_share_1
     
  4. (Optional) Click the drop down list to change the type of link. The Details pane opens, where you can change who can access the link and whether people can edit the item you’re sharing.

    Options for Who would you like this link to work for:

     

    • Anyone gives access to anyone who receives this link, whether they receive it directly from you or forwarded from someone else. This may include people outside of your organization.
    • People in LeTourneau University gives everyone with a LETU login name access to the link, whether they receive it directly from you or forwarded from someone else.
    • Specific people gives access only to the people you specify, although other people may already have access. If people forward the sharing invitation, only people who already have access to the item will be able to use the link.

    By default, Allow editing is turned on. If you want people to only view your files, uncheck the check box.

    When you’re done, click Apply.

  5. When you’re ready to send the link, click Send.

Manage OneDrive File Syncing

If you decide to sync LETU OneDrive data across multiple devices, you must ensure all devices syncing LETU OneDrive data receive automatic Windows, Apple or other provider security updates, and require a password and lock when not in use (this includes personal devices).

Additionally, if you are going to put Confidential data on OneDrive, you are required to prevent it from syncing locally to non-LETU owned devices. Using the instructions below you can configure directories containing Confidential data to not-sync and be available only on-demand. Any device you sync Confidential data to must be LETU-owned, encrypted, require a password and otherwise meet minimum LETU security requirements. Placing Restricted data in LETU OneDrive is always prohibited.

By default, OneDrive is set up to sync all files and folders but you have the ability to customize what is synced.

  1. Open your OneDrive app settings (click on the taskbar OneDrive icon, then click on the gear icon in the right hand corner of the window before selecting the Settings option)


     
  2. Navigate to the "Account" category.


     
  3. Select "Choose Folders"                                                                                            
  4. Choose which folder(s) you decide to sync. Stop syncing any folders you choose.
     
Print Article