Please ensure Javascript is enabled for purposes of website accessibility

Announcements

General Info

UH Reinforcing Compliance Requirements with Data Protection Policies

February 19, 2026
Cybersecurity icons overlaying a laptop

The University of Hawai'‘i (UH) recently reminded employees of their obligations to safeguard Protected Data (as defined in EP 2.214) entrusted to them, including data protected under HRS Chapter 487N and other privacy and security requirements. These obligations also apply to RCUH employees working on and/or in support of UH research projects. If you are an RCUH employee who is not affiliated with UH information systems and/or data, you may disregard the requirements listed below.

Effective immediately, RCUH employees affiliated with UH should review:

Then, complete the UH Data Protection and Compliance Attestation Form, which affirms that you:

  • Understand your responsibilities for safeguarding Protected Data (including PII and HRS Chapter 487N-covered information)
  • Are following UH requirements including, but not limited to: secure use of passwords and multi-factor authentication, proper storage and sharing of Protected Data, and prompt reporting of suspected incidents
  • Must immediately report any suspected loss, theft, or unauthorized access to UH data through established incident-reporting channels

More information about protecting research data is available at https://www.hawaii.edu/infosec/research-security.

Completion of this mandatory confirmation is required within 30 days as a condition of continued access to UH Protected Data regardless of if the data is stored on a University-owned, project-owned, or personal device. A webinar to further explain this requirement will be scheduled. Mahalo for your cooperation and your role in protecting the privacy and security of students, patients, research participants, faculty, and staff.

Instructions for Principal Investigators conducting research using UH Regulated data (i.e., PII and HRS Chapter 487N data)

  • Principal Investigators (PIs) must comply with UH data classification and protection requirements and verify that appropriate technical and procedural safeguards are in place.
  • PIs who collect and maintain high-risk data will be required to complete a project-specific attestation, including identifying the procedures used to protect regulated data and a justification for continued use.
  • If PIs need assistance, they can contact either the ITS Help Desk ([email protected]) or the Information Security Team ([email protected]).

Related News

View All

Help Us Improve!

Share your thoughts to make us better!

(0/100)
I'm not a robot (Google reCAPTCHA)