Enterprise Information Security Policy

Harvard has developed this Enterprise Information Security Policy to establish requirements for protecting the integrity and privacy of confidential information. Each of the policies is expanded with detailed information including a Discussion on the policy and Best Practices for compliance.

These policies apply to everyone at Harvard who works with Harvard confidential information, to vendors who contract with Harvard to work with Harvard confidential information, and to the physical and computer environments that support their work.

To learn about the levels of confidential information and to see examples of each, view the University Data Classification Table. To learn about the annual Information Security Assessment, through which the Schools and major units report their security status, view information about the Assessment Process.

Harvard Research Data Security Policy

To access the HRDSP please visit the Harvard Research Data Security Policy site