UC IT Sourcing Committee (ITSC)
Google Apps for Education (GAE) deployment guidance
Google Apps for Education (GAE) is a cloud based suite of productivity tools that includes apps familiar to users of Google’s main products. GAE provides email at your school's domain (Ex: @yourschool.edu instead of @gmail.com) and full administration of all user accounts.
GAE apps have different security and privacy protections than personal Google accounts. The terms of UC’s contract with Google are in compliance with UC’s legal and policy requirements. The GAE services governed by the terms of the UC agreement are:
- Drive (unlimited per user storage space)
For a full list, view the Google Apps Services Summary. Campuses may enable or disable the products in the suite to meet local need. Other Google Apps are not covered under the terms of the UC agreement.
Sensitive data guidance
|Data Type||Data Use Guidance||Comments|
|Credit Card (PCI-DSS)||Not Permitted||Not acceptable for PCI-DSS data.|
|Export Control||Not Permitted||Not acceptable for export controlled data.|
|Electronic Protected Health Information (ePHI) subject to HIPAA||Not Permitted||Not acceptable for electronic Protected Health Information (ePHI). UC does not have a signed HIPAA Business Associate Agreement with Google.|
|Human Subject Research||Consult||Consult with data proprietor and UC location office of research.|
|Intellectual Property||Consult||Consult with data proprietor and appropriate UC location authority (e.g. tech transfer, office of research, campus counsel).|
|IT Security Information
(e.g. administrative passwords, network diagrams)
|Consult||Consult with data proprietor and appropriate UC location authority.|
|Other Sensitive Institutional Info
(e.g. Fundraising, Attorney/Client Privileges)
|Consult||Consult with data proprietor and appropriate UC location authority (e.g. privacy official, development office, campus counsel, information security officer).|
|Personally Identifiable Information (PII)
Tied to state notification breach laws, Login credentials, SSN, Drivers license
|Consult||When appropriately configured; consult with appropriate UC location authority (e.g. privacy official, risk officer, campus counsel, information security officer).|
Animal General (non-Humanoid Subject Research)
|Consult||Consult with data proprietor and UC location office of research.|
|Student Education Records (FERPA)||Permitted||Excluding student health records. Consult with data proprietor and UC location authority.|
UC location responsibilities
- Individual users are on a named user basis. Accounts cannot be shared between multiple users.
- Locations must identify GAE administrators.
- Location GAE administrators have the ability to enable/disable any applications in the GAE suite:
- GAE core applications (Gmail, Drive, Docs, etc.) covered by the UC GAE Agreement
- Caution: Other non-GAE applications (YouTube, Wallet, Groups, etc.) are covered by separate commercial terms from Google.
- Warning: Third-party non-Google applications (Mailchimp, Lucidchart, DoubleClick, etc.) are not covered by the UC Google agreements and must be considered separately. Third-party apps may incur additional costs, have different data security controls, and additional risks and liabilities. Carefully decide what third-party apps to allow or disable.
Locations should inform their users regarding the Google Apps that are not covered by this agreement, but may considered allowable at that location.
- Monitoring and responding to emails sent to ‘abuse’ and ‘postmaster’ aliases for Customers’ Domain Names.
- Use Google’s ”Admin Console” to administer and manage End User Accounts.
- Responding to complaints and questions from end users.
- Use commercially reasonable efforts to prevent unauthorized access to the Service, to terminate unauthorized access, and to notify Google of such.
- Ensure end user awareness that Google’s Customer Privacy Notice and End User Privacy Notice may be changed by Google at any time.
- Available 24/7
- 99.9% guaranteed uptime
- Will give minimum 8 hours notice for planned downtime
- Google will maintain a security audit report that is updated at least every 18 months, and provide a copy upon request.
- As a default setting in GAE, Google will not serve Ads on any of its services provided to UC unless specifically enable by UC service administrators.
- Google may store or process UC GAE data in any country in which Google or its agents maintain facilities.
- Each UC location is responsible for technical support to End Users or other third parties relating to use of the GAE services.
- Google will provide technical support for GAE, which can be requested by UC service administrators in accordance with Google’s Technical Support Services Guidelines.
- Google will notify UC of a security breach in the most expedient time possible.
- UC retains ownership and Intellectual Property Rights to UC GAE data.
Procurement Services contacts
View a ist of contacts for each campus.
- There is no direct fee to use Google Apps for Education.
Link to contract
UC location links and contacts for service
Visit the website or contact the individuals below for more information about this service at your location.
|UC Santa Cruzemail@example.com||http://its.ucsc.edu/google/index.html|
|UC Santa Barbarafirstname.lastname@example.org||http://www.connect.ucsb.edu/usage/google-apps|
|UC San Diego||Cloud and Web Services (email@example.com)|
|UC San Francisco||ITS Help Desk: 415-514-4100|
|UC Office of the President||IT Service Hub: ServiceDesk@ucop.edu||https://ucop.service-now.com/|
|Lawrence Berkeley National Labs||IT Help Desk: 510-486-4357||https://commons.lbl.gov/display/google/Google+Apps+-+Welcome|
|Agriculture and Natural Resourcesfirstname.lastname@example.org