Notice! Confluence will be unavailable on Thursday, 12/14 from 4 AM EST - 8 AM EST for server maintenance.

Search the Knowledgebase


Software and Services Index


Return to HomePage


HITS Feedback Survey


How can we help?

Submit a help ticket
734-936-8000
Help Me Now walk-up locations

For urgent issues and immediate concerns, please contact the HITS Service Desk at 734-936-8000. We're available 24 hours a day, 7 days a week.

Skip to end of metadata
Go to start of metadata

U-M Box is the University of Michigan implementation of Box, a cloud-based storage and collaboration system. Box provides a web interface for uploading, downloading, sharing, and discussing files. Box is designed to work on both the Mac and Windows platforms, as well as smart phones and tablets, providing access to files from most devices.

Students, staff and faculty at University of Michigan are all eligible for a Box account with unlimited storage. An account can be created using the link in the panel to the right. The site also contains information about Box including a FAQ, security information, user documentation, and a few videos.

HIPAA Compliance

As of September 2014, U-M Box has been approved for the storage of Protected Health Information (PHI) and electronic Protected Health Information (ePHI) with the following caveats:
  • Only shared Box accounts that have been setup by ITS are HIPAA compliant, you can request one to be created at this link. For further information please read the Box page on the Safe Computing Website.
  • Box Apps are downloadable applications available from Box (a non-university service) that can be used with U-M Box (a U-M contracted-for service).
    • Only the listed U-M Box Core Apps provide a secure environment in which to maintain or share the university's sensitive unregulated data as well as some kinds of sensitive regulated data, including PHI.
    • While Additional/Non-Core Apps are also available, these applications are not approved for the storage of PHI.
  • While storing PHI in U-M Box is permitted, individuals must still follow the protocols and procedures of the university and their unit in regard to handling and sharing protected health data. For more information, see the Using ITS HIPAA-Aligned Services: What U-M Units Need to Know page.
  • HIPAA regulations only allow for the use of #Box Sync when syncing to an encrypted machine (such as CoreImage (Windows) or CoreMac machine). Syncing to a home computer or other non-encrypted device, it is not approved by HIPAA.
  • Do not share folders that contain HIPAA information to collaborators outside of the Unviersity of Michigan (collaborators that do not have a @umich.edu or @med.umich.edu email address).
Box Domain Change - July 2013

The Box domain was changed on July 10, 2013, from umich.box.com to umich.app.box.com.

The old URL will redirect to the new one, so bookmarks and links will continue to work. Box apps, like #Box Sync, and the mobile apps should not be affected. ITS has not been told to expect any problems with the web interface but, if encountered, refreshing the page or restarting the browser should fix things.

Box provides a document with more information: https://cloud.box.com/s/babfsut50dpltd4nnhio

M+Box Links

Questions regarding the service can be initially directed to MSIS. Contact information is available at the bottom of the panel on the left side of the window.

  • No labels