In higher education, an information security policy is a document required by state and federal law that just outlines how the school plans to protect its sensitive, confidential, or legally-protected information. An information security policy is often considered a "living document," meaning that the document is never finished, but is continuously updated as community, technology, and University, requirements change.
University Policies
- Harvard Enterprise Security Policy (HESP)
- Harvard Research Data Security Policy (HRDSP)
- Harvard University Digital Accessibility Policy
- General Data Protection Regulation (GDPR) EEA Privacy Disclosures
- Policy on Access to Electronic Information
- Digital Millennium Copyright Act (DMCA)
- University Credit Card Merchant Handbook
- Harvard FERPA Common Directory Elements
- Harvard Records Management
- Harvard Staff Personnel Manual
HGSE Policies & Statements
State and Federal Regulations
Massachusetts
Federal
- Family Educational Rights and Privacy Act (FERPA)
- Gramm-Leach-Bliley Act (GLB)
- Health Insurance Portability and Accountability Act (HIPAA)
- Digital Millennium Copyright Act (DMCA)