“Data Privacy Day is an international effort held annually on January 28th to create awareness about the importance of respecting privacy, safeguarding data and enabling trust.” -National Cybersecurity Alliance

Dear Colleagues,

Confidentiality and integrity are central themes to how we manage data at Boston University. Information Security, in collaboration with Analytical Services & Institutional Research, the Comptroller’s Office, Internal Audit, the Office of Compliance and other offices, works to enact policy and practices that safeguard University data and foster a culture of privacy, integrity, and trust.

In observance of Data Privacy Day at Boston University, we would like to highlight one of the policies that guides us on this mission: the Record Retention Policy. This policy provides preservation guidance for all Boston University staff and faculty who maintain, create, store, or use records. Equally important, it describes when records may be destroyed which saves money, space, and reduces the risk of breaching data. In addition to those that manage University records, it is essential for all members of the BU community to be aware of this policy..

What is the purpose of the policy? The policy enables the effective and compliant retention of University records in any format, paper or electronic. The policy aims to ensure that critical records are available to meet institutional needs while preserving the document’s history, complying with legal requirements, and ensuring data privacy.

What records does this policy apply to? The policy applies to all University records/documents. Within the policy is a comprehensive list of the types of documents and a definition of each. In addition, the Record Retention Table is an excellent resource to search by specific record type. A few examples of records are: academic/student, human resource and medical records.

If you have questions about this policy, please contact policy@bu.edu