Know Your Data Resources

GDPR Data Categories Requiring Special Protection

The General Data Protection Regulation (GDPR) requires security measures for processing data relating to an identified or identifiable individual located in the European Union, Iceland, Liechtenstein or Norway (GDPR Processing). Harvard units or programs must comply with the GDPR when conducting GDPR Processing. The GDPR requires that security measures be appropriate in light of the potential risks to the affected individuals, taking into account the scope and purposes of such processing and the nature of the data. The GDPR identifies the following categories of data as meriting special...

Read more about GDPR Data Categories Requiring Special Protection

Secure Remote Work Device Options

There are several ways to make working-from-home work for you. Review this guide to discover the available options.

Before you do work for Harvard on your personal network, confirm your home wi-fi has a strong unique password. Do not use default passwords from your internet provider or router manufacturer.

Preferred Option: Use your Harvard Laptop

If you have a Harvard issued laptop, your best option for working remotely is to bring your Harvard laptop home. All your custom applications and settings will be...

Read more about Secure Remote Work Device Options

Zoom Security

Zoom connects you and your teams for meetings and collaboration. It gives you many security options to keep meetings secure and productive.


Where to configure settings

Zoom settings are accessed through the Zoom online portal. They can be configured as a default for all your meetings or individually per meeting.

Default settings for your account

Settings for individual meetings and your personal meeting room

... Read more about Zoom Security

Secure File Transfer

Secure File Transfer Services

The following services provide encryption of attached files sent to specified recipients. Remember, the body of message that accompanies the file is not encrypted, so don't put sensitive information into the message itself

Secure File Transfer for the following Schools is available at the links below.

Secure File Transfer using Kiteworks,...

Read more about Secure File Transfer

Legal And Regulatory Data Requirements

Contract Riders

In cases where Harvard is outsourcing management or processing of confidential information to an external service provider, the University contracting agent is required to choose an external service provider capable of maintaining appropriate safeguards for covered data. All vendors having access to Harvard confidential information or performing functions such as credit card processing must agree to protect this information.        

The confidentiality language in the...

Read more about Legal And Regulatory Data Requirements