There are a number of policies and regulations that may impact Harvard researchers working with data. Below is a list of the more commonly applicable internal and external regulations.

Harvard Policies

• Authorship (coming soon)
• Data Ownership: Applies to research data resulting from projects conducted at the University, under the auspices of the University, or with University resources.
• Data Use Agreements: Policy and Guidance documents describe the roles, responsibilities and processes associated with DUAs. 
• Enterprise Information Security: University-wide policy applicable to all data created, shared, accessed or otherwise used by Harvard researchers.
• Intellectual Property:  Statement of policy in regard to inventions, patents, and copyrights developed by Harvard researchers. 
• Legal Agreements Workflow and Signature Authority: Outlines which offices have authority to review and/or sign specific types of agreements.
• Open Access: Resources pertaining to the schools' policies on Open Access. 
• Publications: Overview of acceptable restrictions on publication and review and escalation processes. 
• Research Data Security: Applies to all research data physically housed at Harvard or stored remotely under the management of Harvard researchers.
• Retention of Research Data and Materials: Basic principles to guide the retention and maintenance of research records by Harvard researchers and staff.

Federal and State Data Regulations

• Family Educational Rights and Privacy Act (FERPA)
• Federal Information Security Management Act (FISMA)
• Gramm-Leach-Bliley Act (GLB Act or GLBA)
• Health Insurance Portability and Accountability Act (HIPAA) 
• National Institute of Standards and Technology (NIST)

Massachusetts Data Regulations

• Fair Information Practices Act (FIPA)
• Standards for the Protection of Personal Information of Residents of the Commonwealth

International Data Regulations

• Export Administration Regulations (EAR)
• General Data Protection Regulation (GDPR)