Egress Alert Policy

  • Updated

An egress alert will be issued when a registered researcher violates certain security policies put in place by the All of Us Research Program’s Data and Research Center (DRC). The most common reason an egress alert is triggered is through an attempt to download data from the Researcher Workbench (accidental or intentional); however, there are several other types of events that can cause an alert, such as: error messages, large queries, downloading summary data that is larger than the threshold (summary data is allowed to be downloaded, but row level data is not), or large notebooks (which are typically caused by large outputs). If you're using a large notebook that has triggered the alert, please use this article to clear outputs without opening them again.  

As a reminder, per the Data User Code of Conduct, registered users of the Researcher Workbench are not permitted to download or remove participant-level data from the platform. 

Should an egress alert be triggered, the VM that triggered the alert will be shut down, and the researcher will receive an email from the DRC's Security team. Some of the questions that the Security team may ask the researcher include:

  1. Can you please confirm you were active in your account on [date / time], and also share the details of your activity? 
  2. Can you please share the SQL query you used so we can validate it against our logs?  
  3. Finally, can you please confirm no data were downloaded to your local device during this activity? 

The DRC’s Security team may ask additional questions in order to help determine:

  • What method was used to download the data?
  • How much data were downloaded?
  • Did the downloaded data include any personally identifiable information (PII)?
  • Was this suspected malicious intent?
  • How much data were downloaded?
  • How quickly were the data downloaded?
  • Were the data downloaded manually or through a script?
  • What ports were used? 

*If a high volume data egress activity is detected, the Researcher Workbench Developer team will automatically disable the researcher’s account. To reinstate the disabled account, the Security team will review the researcher’s responses to the questions above. If they deem it appropriate, they will give approval to the developers to reinstate the account. 


Please review our All of Us Research Program Data and Statistics Dissemination Policy, All of Us Research Program User Appeals Policy and Data User Code of Conduct for further information.

Was this article helpful?

1 out of 7 found this helpful

Have more questions? Submit a request



Article is closed for comments.