Home > Enterprise Security Policy > 2. Confidential Information > 2.10 Confidentiality Agreements
2.10 Confidentiality Agreements

Policy

University employees who have access to confidential information must annually agree to a confidentiality agreement.

Discussion

Some employees dealing with high risk information are required to agree to confidentiality agreements by regulation or contractual agreement. Examples include employees dealing with information protected by HIPAA and employees processing credit and debit card charges.

In order to ensure that all employees who deal with confidential information are regularly reminded of their responsibilities the University has decided that all such employees must annually agree to a confidentiality agreement.

The Harvard PeopleSoft system has been updated to enable employees to agree to the University confidentiality agreement and to track such agreements.

Best Practice

http://www.security.harvard.edu/resources/statements [1]



Source URL (retrieved on 11/25/2009 - 02:30): http://www.security.harvard.edu/enterprise-security-policy/2-confidential-info/policies-2_10

Links:
[1] http://www.security.harvard.edu/resources/statements