Information Security at Boston University is here to support our community in meeting a wide range of compliance requirements. From research projects with complex regulations to handling data under major compliance regimes like PCI, HIPAA, GLBA, and GDPR, our team helps you navigate the rules and standards that keep our university safe.

Research remains our broadest area of compliance, and we’re committed to guiding researchers through the process of securing data, interpreting Data Use Agreements, writing System Security Plans, Data Management Plans, and other detailed documents describing data protection, and helping researchers meet sponsors’ expectations.

Benefits

This service empowers members of the Boston University community to pursue research and institutional goals by simplifying compliance with complex regulatory standards like PCI, NIST, HIPAA, GLBA, and GDPR. By providing expert guidance on data security, tailored support for research projects, and streamlined documentation processes, the service reduces risk, safeguards sensitive information, and ensures that compliance no longer stands as a barrier to discovery or operational excellence.

Key Features

• Offer expert guidance on compliance with regulatory standards such as PCI, NIST, HIPAA, GLBA, and GDPR
• Assist researchers in securing sensitive data and understanding data security best practices
• Help Principal Investigators meet sponsor and funding agency expectations for data protection and compliance
• Interpret and explain Data Use Agreements to ensure proper data handling
• Support the creation of System Security Plans and Data Management Plans tailored to project needs

What to Expect

Simple questions may be answered online during normal university hours.  More complex questions may require scheduled consultations that will help us understand your concerns, conduct appropriate research if needed, and provide you with guidance or recommendations.

Requirements

None

Getting Started

Contact us for more information.