The research program is equipped with an advanced, dedicated, secured research server with high capacity to conduct research analysis and storage of large health care databases for evaluating treatment utilization and outcomes in populations (ETrUOP).

The ETrUOP server is the key equipment to conduct research projects, which allows the efficient and collaborative work for a group of analysts and satisfies the data use agreements with data licensing agencies for data use.

****************************************************************************************

Hardware

HP DL380G7 server with 2 Intel Xeon X5675 CPUs (3.06 Ghz/6 cores/12Mb), 96 GB memory, 10 TB hard drive storage with fully encrypted double-tape backup and optical fiber channel connection. The server include Redundant Array of Independent Disks (RAID) level 50 hard disk configuration for data fault tolerance and performance. The RAID volumes and I/O configuration of the server is optimized for high SAS operation performance. The server has redundant power supplies and uninterrupted power supply. All unnecessary network ports and services will be disabled on the server for IT security. The research server is physically located in the state-of-the-art data center of the UNC Information Technology Service Research Computing, which is fully compliant with HIPAA and sensitive data research. The world-class central server room in the data center was designed to facilitate sensitive data computing with dedicated servers, including climate controlled air, gigabit network bandwidth, enhanced electrical power (220v), power conditioning (Uninterrupted Power Supplies), and restricted access controls.

Software

Windows 2008R2 Server operating system with Terminal Services installed. Windows 2008R2 Server operating system will be routinely monitored and updated with patches, security updates and critical updates. Research software include SAS 9.20, STAT 10, ArcGIS 10, and Microsoft Office 2010 enterprise etc.

IT security policy and protocols

The dedicated server has (1) sufficient firewall and IP security, (2) a secure logon procedure, (3) security audit tracking, (4) local/group policy restrictions, (5) a strict password policy, (6) secure backups, (7) anti-virus protection, and (8) signed confidentiality statements by all users. This system enables approved researchers and designated collaborators to access and analyze confidential information from approved work locations. Network security and protection are top priorities. Software firewalls and Internet Protocol Security (IPsec) filtering have been installed to protect the server. All UDP and TCP network ports are permanently disabled, and access is restricted to a pre-determined set of individual static IP addresses and authorized office/lab desktop on UNC domain. All unnecessary networks and ports and services are disabled on the server. Network access to the server is limited to a Terminal Service connection. Terminal Services allows users to connect directly to the server from a remote location at which no data is transferred across the wire. The Terminal Service connection will be restricted in function through the use of local and group policies. Passwords will be encrypted. Full backups of the server are run every business nigh to double tapes in unbreakable 256-bit encryption. Anti-virus software has been installed to ensure data protection. Information Technology staff monitor event logs, including security audit logs, applications logs, and system logs. All staff with access to the server have HIPAA and IT security training for research data and read and sign a Confidentiality Statement.

Server administration and support

The server is administered and supported by the UNC ITS Research Computing. The UNC ITS Research Computing provides a world-class computing infrastructure as well as other technology tools and capabilities to support the research needs of UNC faculty and staff.