University Policies

Data Protection Standards 

BU Health Insurance Portability and Accountability Act (HIPAA) Security Policies

BU Data Protection – Release of Electronic Protected Health Information


BU and the HIPAA Privacy Requirements

BU and the HIPAA Security Requirements

BU Checklist on Business Associates

BU Family Educational Rights and Privacy Act (FERPA)

Payment Card Industry Data Security Standard

Red Flag Rules Identity Theft Policy

BU Gramm-Leach-Bliley Act Safeguarding Program (GLBA)

Broadcast Email

IS&T Policies

Information Security

Secure Data Center Access Policy

Policy Violation Notification Procedure

Data Protection Standards – Additional Guidance

Destruction of Paper Records and Non-Erasable Media (CD-ROMs, DVDs)

Destruction of Individual Files on Reusable Media

Securely Erasing Entire Reusable Storage Devices

Physically Destroying Reusable Storage Devices

BU Desktop Asset Management Policy Guide

Cloud Services Security

BU Google Drive Security Guide for FERPA Policy

BU OneDrive Security Guide for FERPA and HIPAA Policy

Office 365/SharePoint Online Security Policy

Social Media Guidelines

BU Google Apps Acceptable Use and Data Security

General IS&T Policy

Learning Management System Policies

Disclaimer for Student and Personal Web Sites