All data and information resources of the SEHD are subject to University of Colorado's IT Security Program policy, APS-6005. The policy states:

University data centers and IT resourcesshall be sufficiently protected from physical and environmental threats to prevent the loss, damage, or compromise of assets, and interruption to business activities.

Examples of safeguards include:

• Physical barriers such as walls, gates, locked doors
• Access controls such as ID Cards, visitor escorts and logs, facility/equipment repair records
• Environmental controls such as uninterruptible power supplies, generators, temperature and humidity systems, fire suppression units

The most secure SEHD data are subject to the UCD Facility and Device Security HIPPA policy. The policy states

It is the responsibility of UCD Directors of Electronic Security, Information Systems, Facility Operations, Human Resources, and all affected unit managers and supervisors to limit physical access to their electronic information systems and the facilities in which they are housed, while ensuring that properly authorized access is not delayed.