NU@Nightingale: Secure High-Performance Computing
Northwestern partners with the National Center for Supercomputing Applications (NCSA) to provide Northwestern researchers with access to Nightingale for analysis and storage of sensitive data. Nightingale is a high-performance computing (HPC) cluster compliant with the Health Insurance Portability and Accountability Act (HIPAA) and security rules for using Protected Health Information (PHI), as well as Controlled Unclassified Information (CUI) policies such as the NIH policies that apply to dbGaP.
The Nightingale cluster resides in the NCSA National Petascale Computing Facility and is audited yearly by an outside entity to ensure secure operation. It is available to Northwestern faculty, staff, and students for a fee.
Nightingale Details and Pricing
An overview and technical specifications for the system are available in the Nightingale User Guide. Please note that the service rates outlined in the NCSA documentation are specific to University of Illinois Urbana-Champaign researchers and other external users. Northwestern negotiated rates are available upon consultation with Northwestern IT Research Computing and Data Services (RCDS).
Getting Access to Nightingale
Initial Consult
Northwestern researchers planning to process and analyze sensitive data should set up a consultation with RCDS to confirm whether Nightingale is a good fit for the project and to estimate the costs associated with using this resource.
At this initial consultation, researchers should minimally provide:
- A description of the sensitive data involved and relevant data use agreements
- A description of the research project and timeline
- The number of people who will access the data on the Nightingale system
- The software you intend to use for analysis
Cost estimates are based on the batch computing hours and data storage needed.
Request a consultation
Prerequisite Training for Nightingale Users
Nightingale is a HIPAA-covered entity. This means that to access Nightingale, all users need to complete HIPAA training, regardless of whether their data is HIPAA-regulated. Feinberg researchers should complete the Data Security and Privacy Training to meet this requirement. All other Northwestern researchers should complete HIPAA training through myHR Learn to meet this requirement.
The NIST SP 800-171 standard that defines the security compliance of the Nightingale system is designed to protect controlled unclassified information (CUI). All Northwestern researchers working with data subject to this security standard must also complete CUI-level training. This is provided through the Department of Defense.
Although not required to gain access to Nightingale, if you are unfamiliar with using an HPC cluster, it is highly recommended that you take NCSA’s short tutorial Using an HPC Cluster for Scientific Applications after creating an NCSA account.
Endpoint Requirements
All devices that researchers use to connect to Nightingale, such as laptops and workstations, must be Northwestern-managed and meet additional security requirements that align with a NIST SP 800-171 baseline. More information on managed endpoints is available through the Feinberg School of Medicine; for all other Northwestern schools, through Northwestern IT endpoint management.
Getting Nightingale Accounts and Requesting Support
The Northwestern IT RCDS team, in partnership with the NCSA, provides support for onboarding, software installation, data transfers, user access management, and documentation for researchers using Nightingale at no additional cost.
In-depth consultations for workflow design, software development, and code troubleshooting are available for a fee that covers staff time and materials.
Detailed information about the onboarding/offboarding processes, access setup, and data management, tailored for Northwestern researchers, can be reviewed in the NU@Nightingale user documentation.