Secure File Sharing on Box
Currently you should not put any confidential information in your Box account, as it will not comply with existing data security plans.
Anything you would normally store on your local workstation’s E:\ drive or the network Y:\ drive should not be placed in Box.
No file with Personally Identifiable Information (PII) should be placed in Box, for example: Social Security Numbers, Driver License numbers, or the personal names of subjects.
Files placed on Box are accessible to the employees and contractors of Box.
The IRB guidelines in “Confidential Data at the Urban Institute” allows for sanitized confidential data to be stored in a file system with appropriate access controls that restrict access to the data to those who are authorized to use it.
In the future it may be possible to store confidential data on Box, with the correct controls and an updated security plan, but not right now. If you are uncertain about whether or not a file can be stored on Box, do not store it on box, instead using the confidential files available on the network.
"A Maybe Is a NO"