University Policies

Data Protection Standards 

Digital Privacy Statement

HIPAA Policy Manual – Privacy and Security of Protected Health Information for BU Healthcare Provider Covered Components

HIPAA Policies for BU Health Plans

HIPAA information for Charles River Campus Researchers

Access to Electronic Information Policy

Network Security Monitoring Policy

BU Family Educational Rights and Privacy Act (FERPA)

Payment Card Industry Data Security Standard

Universal Identity Theft Policy

BU Gramm-Leach-Bliley Act Safeguarding Program (GLBA)

Broadcast Email

IS&T Policies

Information Security

IS&T and BUMC IT Data Center Policy

Policy Violation Notification Procedure

Data Protection Standards – Additional Guidance

Destruction of Paper Records and Non-Erasable Media (CD-ROMs, DVDs)

Destruction of Individual Files on Reusable Media

Securely Erasing Entire Reusable Storage Devices

Physically Destroying Reusable Storage Devices

InCommon Federation: Participant Operational Practices

BU Desktop Asset Management Policy Guide

Vulnerability Management Policy

Cloud Services Security

BU Google Drive Security Guide for FERPA

BU OneDrive Security Guide for FERPA and HIPAA

Office 365/SharePoint Online Security Policy

Social Media Guidelines

BU Google Apps Acceptable Use and Data Security

Learning Management System Policies

Disclaimer for Student and Personal Web Sites