News

GDPR Updates: UK Standard Contractual Clauses, and potential revival of Privacy Shield

April 7, 2022

Standard Contractual Clauses: Since leaving the European Union (EU), the United Kingdom (UK) enacted their own version of the General Data Protection Regulation (UK GDPR), and began the process of developing a UK-specific iteration of the EU's Standard Contractual Clauses (SCCs). Earlier this year, the UK published...

Read more about GDPR Updates: UK Standard Contractual Clauses, and potential revival of Privacy Shield

Personal Information Protection Law of the People’s Republic of China

October 25, 2021

On November 1, 2021, China’s Personal Information Protection Law (PIPL) will go into effect. Stanford University’s DigiChina website has published a translation, here. The PIPL is similar to the General Data Protection Regulation (GDPR) in many ways, however there are some important distinctions (IAPP gives a good overview, here).

As is the case with identified or identifiable data pertaining to individuals in the European Economic Area or United Kingdom (“Personal Data” under GDPR), Personal Information under PIPL is considered Sensitive research data, and must be treated accordingly per the Research Data Security Policy and Enterprise Information Security Policy.... Read more about Personal Information Protection Law of the People’s Republic of China

GDPR Research Guidance

August 18, 2021

International projects and collaborations are an instrumental part of Harvard's research community. Certain activities, such as working with Personal Data per the General Data Protection Regulation (GDPR), require researchers and administrators to be aware of applicable restrictions and considerations. To help clarify some of GDPR's relevant requirements, the Office of the Vice Provost of Research, with input from other stakeholders, has developed ...

Read more about GDPR Research Guidance

Updated Research Data Security Policy goes live July 15, 2020

July 13, 2020

OVPR and HUIT, working with stakeholders, have revised the Harvard Research Data Security Policy (HRDSP), which will be effective as of July 15, 2020. The updated HRDSP better reflects current roles and practices, and importantly, requires use of the existing applications (e.g. ESTR-IRB, Agreements-DUA, and Data Safety and Security) to provide easier access to relevant information and reviews.... Read more about Updated Research Data Security Policy goes live July 15, 2020

New Research Data Safety Application

December 5, 2019


December 5 is the soft launch of the new Data Safety Application!

The research administration and compliance team has been working with the Office of the Vice Provost of Research and Harvard University Information Technology to develop a Data Safety and Security system to support the review and implementation of research data management plans. The soft launch of the Data Safety Application on December 5 will provide a period where School Security Officers can use the system to complete reviews and work with research teams to gather feedback. Based on this period of feedback, HUIT and OVPR will continue to refine system functionality and make improvements to the security review process.... Read more about New Research Data Safety Application