I. Confidential Information transported over a network must always be encrypted. Secure web browsers running SSL or TLS or using a VPN meet this requirement.
II. Confidential Information stored on an individual's personal computer at Harvard should be encrypted. Confidential Information stored on a laptop computer, or any personal computer not located at Harvard, must be encrypted.
III. No Confidential Information may be displayed in any public way. (For example, in posted lists or mailing labels containing HUIDs, SSNs or any other Confidential Information.)
IV. No application may contain a search function that could be used to access or display any Confidential Information about anyone other than the individual user, unless the function is restricted to faculty or staff or to specifically authorized other individuals. Access to specific types of Confidential Information (including SSNs) must be restricted to those individuals who require the information for a business reason.