What is Box?
Box is a commercial online content storage, sharing, and collaboration service offering free personal Box accounts to the public since 2005. Box and Internet2 have partnered to provide university-wide Box service to Internet2 member institutions who are, like Stanford, also InCommon subscribers. Stanford Medicine has collaborated with Box to provide a separate instance available to users of Protected Health Information. Stanford affiliates with a full SUNet ID can be a member of either instance, but not both.
Use of the Box should be consistent with the Stanford University core values and expectations, which are based on respecting each individual and his/her contribution to the success of the University. As a user, you are responsible for upholding the Fundamental Standard and the Stanford Honor Code as well as adhering to all applicable policies that outline appropriate conduct as a member of the Stanford community.
Use of Stanford's Box services are subject to all policies in Stanford's Administrative Guide. See the security category for the most important policies regarding information security.
Stanford University's Box policies
Use of Stanford's Box service indicates acceptance of the Terms of Service [PDF].
High Risk Data may not be stored in Stanford University's Box. This includes, but is not restricted to:
- Protected health information
- Export controlled information
- Stanford High Risk Data
- Social Security numbers
- Financial account numbers
- Driver's license numbers
- Health insurance policy ID numbers
- Credit card numbers
See the Risk Classifications guidelines for a full listing of High Risk Data.
University IT has chosen to make third-party applications that support SSL connections available to the campus community. Please note that Box will choose new and/or different third party application providers over time, and as a result the list of available applications will change. Also note that third party applications available through the Box interface are not developed by Box and are not covered under the contract with the University. Please use third party applications at your discretion; University IT cannot support these applications directly.
Stanford Medicine Box policies
Stanford Medicine Box is approved for storage of Protected Health Information (PHI). If your business process involves High Risk Data and is approved by the Data Governance Board, the Stanford Medicine Box can be used to store that data.
Stanford runs automated scans on all data stored within the External folder in Stanford Medicine Box. Items with data that may contain PHI will be quarantined and the file owner will be notified. If you have an inquiry about a quarantined file, please submit a HelpSU Request.
Do not post any material about others or the information obtained within Stanford Medicine Box on any external social networking site, blogs or any other websites.
Use of Stanford Medicine Box service indicates acceptance of the Terms of Service [PDF].
Closing your Box account
Stanford Box accounts are available to faculty, staff, and students with full SUNet IDs. Your eligibility for your Box account will end when your SUNet ID account services end. Managed Box accounts in the Stanford University or Stanford Medicine instance cannot be transferred out of the university.
Information on SUNet ID account expiration and grace periods can be found at:
Closing your SUNet ID Account: Faculty & Staff
Closing your SUNet ID Account: Students
Prior to expiration of your SUNet ID privileges, you should export any of your own personal data you wish to keep. If another member of the Stanford community will need access to your content, you can submit a HelpSU request to have ownership transferred.
