skip to content

Privacy and Security

CDD Data Privacy Policy

  1. Each research group decides if, when, and with whom to share data through username/password-protected, invitation-only online groups.
  2. By default each group's data remain 100% private, unless a researcher agrees explicitly to share it with other named users or with the CDD community. This can be done temporally, for example data can be kept private until after publication or patent.

CDD Security Measures

  1. CDD encrypts all traffic between a user's web browser and our servers once the user has logged in.
  2. CDD performs thorough automated testing of our application code, including security tests to make sure one group cannot access another group's private data.
  3. CDD deploys two firewall levels (“defense in depth”), the first in hardware and the second in software, for each sensitive server in our server environment.
  4. CDD encrypts all database and customer file backups using public key cryptography, and the private keys are backed up securely.
  5. CDD stores user passwords in our database using strong, one-way encryption hashes.
  6. CDD stays current with all security updates to our system software, firmware and operating systems.
  7. CDD relies on Linux systems for all database operations.
  8. CDD enforces mandatory password security policies.
  9. CDD limits and audits internal access to data servers and superuser accounts.

More details

For many more details regarding the security of the data within the CDD database, please email .