Design and Implementation of a Secure Computing Environment for Analysis of Sensitive Data at an Academic Medical Center

Academic medical centers need to make sensitive data from electronic health records, payer claims, genomic pipelines, and other sources available for analytical and educational purposes while ensuring privacy and security. Although many studies have described warehouses for collecting biomedical data, few studies have described secure computing environments for analysis of sensitive data. This case report describes the Weill Cornell Medicine Data Core with respect to user access, data controls, hardware, software, audit, and financial considerations. In the 2.5 years since launch, the Data Core has supported more than 200 faculty, staff, and students across nearly 60 research and education projects. Other institutions may benefit from adopting elements of the approach, including tools available on Github, for balancing access with privacy and security.