Last updated on February 22, 2024

Madison SecureBox service provides a free-online file storage and collaboration service to store ePHI.  It is available for UW–‍Madison staff to share ePHI data with collaborators (internal and external to UW–‍Madison) when a departmental solution is not available and the amount of data to be stored is less than 50GB. For data sets greater than 50GB, consider using Research Drive.

The SecureBox Service is not intended for use as a file transfer method. Please see the Globus File Transfer Service to fulfill this need.


  • Provides a secure location for storage and collaboration of small ePHI data sets (under 50GB)
  • Access SecureBox folders from your UW–‍Madison managed devices
  • Ensures your files are stored and transferred securely
  • Allows approved outside collaborators to access your shared data on secure devices
  • Prevents outside entities from accessing your ePHI through high security settings and tracking by your local IT Department


  • MUST CONSULT with your local IT department prior to requesting the service. The request is a joint venture between the Requestor, their IT department, and the Office of Cybersecurity
  • Must use a departmentally managed device. Personal devices are not permitted.
  • UW–‍Madison devices must meet a specific Restricted Data Security configuration as described in the pdf Secure Endpoint Configuration Matrix (located in box in upper right of this page)
  • External collaborators will also be required to complete the Endpoint Security Checklist (located in box in upper right of this page).
  • Service will be provisioned upon verification of the device configuration

Getting started

  1. Contact your local IT Department first as they may have a quick solution to satisfy the project’s storage needs.
  2. Fill out the Request Form to obtain a new SecureBox folder or to modify an existing SecureBox folder. These forms are hosted in OneTrust, click “How to Access OneTrust” if you do not have an account.
  3. UW–‍Madison devices must meet a specific Restricted Data Security configuration as described in the Secure Endpoint Configuration Matrix (pdf)
  4. External collaborators should complete an Endpoint Security Checklist (pdf).

Terms of use

Service category