Sensitive Data Environments

In some science environments, particularly in biomedical research, scientific data sets contain sensitive information.  A common example is Personal Health Information (PHI), the use of which is subject to HIPAA regulation.  PHI can be present in genomics data sets, data from MRI or other imaging technologies, and other data sets used in biomedical research.  However, data sets used in biomedical research are growing exponentially, just as they are in other fields.

Many science collaborations are using the Science DMZ model to improve the performance of data transfers, significantly improving scientific productivity. However, slower adoption of the Science DMZ model in the biomedical community has been mainly due to the discussions related to risk management around HIPAA - legal, monetary and reputation risk. Medical research centers have current network designs that have been approved by risk managers - those networks may not work well for high performance data transfers, but there is a large perceived risk in changing the configuration of the network, particularly in ways that apply network security technologies other than firewalls.

ESnet is actively working with several partners to find solutions to these problems, and to develop a high-performance reference architecture based on the Science DMZ model that is acceptable to risk managers in the biomedical research community.  The goal in this endeavor is the same as in other cases, namely to increase scientific productivity by effectively using high performance networks to improve the performance of cyberinfrastructure used for science.