Google Drive at U-M

Key: Permission Levels

  • Permitted
  • Permitted with Information Assurance (IA) Consultation
  • Not Permitted

For IA consultation, please contact the ITS Service Center

You are responsible for ensuring that your use of this service complies with laws, regulations, and policies where applicable. See Compliance below for details.

Permitted

Not Permitted

Service Description 

Google Drive at U-M—including Google Team Drive—is a Core Service within the Google Apps for Education software available to eligible members of the university community. Drive is a document creation and collaboration application. It includes Google Documents, Presentations, Spreadsheets, Forms, and Drawings.

Compliance 

Google Drive at U-M is a university contracted-for service. It is covered by the university’s Google Apps for Education agreement. It provides a secure environment within which to maintain or share the university's sensitive unregulated data, as well as some—but not all—types of sensitive regulated data.

Any restrictions on placing some types of sensitive regulated data in U-M Google Drive are based on compliance rather than security. While Google Drive at U-M is secure, it does not comply with some specific regulatory and U-M policy requirements for certain types of sensitive regulated data. Among the types of data that may not be maintained, shared, or processed in Google Drive at U-M are:

  • Protected Health Information (regulated by HIPAA) (because Google has declined to sign the necessary contractual agreement)
  • Student Loan Application Information (regulated by GLBA)
  • Payment Card Industry (PCI) information
  • Export Controlled Research (regulated by ITAR or EAR) (because Google may store the data in data centers outside the U.S.)

Additional Resources