Each computer that is backed-up is assigned a datacenter that will maintain the complete set of data for that computer. If you have more than one computer backed-up with Mozy it is likely that your data will be stored in multiple locations. Mozy’s datacenters are primarily based in various locations throughout Utah. There are other locations across the United States and Europe that can be used depending on your location. Most data that is being backed-up in EHHS is stored in one of Mozy’s Utah secure facilities.
There is a limited set of people that have access to the data stored in your back-up. Currently only the full-time staff in the EHHS IT Services Support Group (Aaron Near and Tim Pagliari) have access to the the complete set of computers and user data for management purposes. There is a chance one to two more staff members from the department of Security and Access Management on-campus would have this same level of access. This would only happen if the University adopts Mozy centrally and they need to administer the program.
I have a large collection of sensitive data (social security numbers, clinical information on patients [HIPAA], student grades [FERPA], etc.). Is it safe to have this data backed-up with Mozy?
Mozy is considered to fall within compliance of HIPAA and FERPA regulations. While it is best to maintain a minimum set of protected data on your computer it will not breach compliance to have it backed-up as part of our Mozy enrollment. There are certain types of data that would be best not have stored on your computer in general and it would be best to remove these types of data if you do have them: social security numbers, credit card numbers (personal or University cards), and other types of identifiable financial information.
Data and documents stored with Mozy are securely stored in one of Mozy’s datacenters located through out the United States. Data is encrypted on your computer before it is transferred and the transfer itself is also encrypted. Once the data has been backed-up a record is recorded when the data is accessed for a restoration which allows a security check upon unwanted and unacceptable access.