There are a number of policies and regulations that may impact Harvard researchers working with data. Below is a list of the more commonly applicable internal and external regulations.
- Data Ownership: Applies to research data resulting from projects conducted at the University, under the auspices of the University, or with University resources.
- Data Use Agreements: Policy and Guidance documents describe the roles, responsibilities and processes associated with DUAs.
- Enterprise Information Security: University-wide policy applicable to all data created, shared, accessed or otherwise used by Harvard researchers.
- Genomic Data: Policy and procedures for human genomic data sharing and use.
- Intellectual Property: Statement of policy in regard to inventions, patents, and copyrights developed by Harvard researchers.
- Legal Agreements Workflow and Signature Authority: Outlines which offices have authority to review and/or sign specific types of agreements.
- Open Access: Resources pertaining to the schools' policies on Open Access.
- Publications: Overview of acceptable restrictions on publication and review and escalation processes.
- Research Data Security: Applies to all research data physically housed at Harvard or stored remotely under the management of Harvard researchers. Examples of Research Data Security Levels.
- Retention of Research Data and Materials: Basic principles to guide the retention and maintenance of research records by Harvard researchers and staff.
Federal and State Data Regulations
- Family Educational Rights and Privacy Act (FERPA)
- Federal Information Security Management Act (FISMA)
- Gramm-Leach-Bliley Act (GLB Act or GLBA)
- Health Insurance Portability and Accountability Act (HIPAA)
- National Institute of Standards and Technology (NIST)
Massachusetts Data Regulations
- Fair Information Practices Act (FIPA)
- Standards for the Protection of Personal Information of Residents of the Commonwealth