Policies and Guidelines

There are a number of policies and guidelines related to the use of technology at Tufts including some about state and federal laws related to university business practices.

Tufts Privacy Statements
Tufts University's Privacy Statement and Terms and Conditions of Use disclose the privacy practices for tufts.edu and other Tufts websites that refer to the statement. The University has also prepared several European Economic Area (EEA) Privacy Statement
Cloud Computing Services Policy
This policy outlines the usage of cloud computing resources that provide services, platforms, and infrastructure supporting a wide range of activities involving the processing, exchange, storage, or management of Tufts University institutional data.
Copyright and Fair Use
Visit the Scholarly Communications at Tufts web site to learn more about the Tufts University Policy On Fair Use of Copyrighted Materials.
Digital Millenium Copyright Act and FAQ
Learn about DMCA, a federal law that allows a holder of a copyright to inform an entity that it has violated the copyright, and how it applies to the Tufts community.
Email Policy
Email services are provided to the Tufts community in support of the teaching, learning and research mission of the University and the administrative functions to carry out that mission.
Guide to Massachusetts Data Privacy Laws
Learn more about important Massachusetts data privacy statutes M.G.L. 93H, 93I, and 201 CMR 17.00, including practical advice for compliance.
Information Stewardship Policy
This policy provides core principles for information stewardship at Tufts.
Information Technology Acquisition Policy
The Policy on IT Acquisitions establishes conditions under which a contemplated information technology acquisition would be subject to review by the Technology Services division prior to going forward.
Mailing List Policy
Mailing lists may be used for legitimate purposes related to teaching, course-work, research, administration at Tufts University and university sanctioned student activities.
Network Use Policy
Guidelines for connecting devices to the University network.
Overview of Your Rights and Responsibilities Online
Overview of laws and policies that apply to safe use of University resources when online.
Policies & Standards - Intellectual Property
The Scholarly Communication @ Tufts site provides information for faculty, staff, and students about all aspects of the process used by scholars to share and use the results of their and others' research.
Quick Reference Guide for Sensitive Personal Information (SPI)
This SPI Quick guide includes information about storing and sharing documents; disposal, deletion and redaction; communication or sending to others; and using devices.
Secure Mobile Device Policy
This policy ensures security of both university and personal data stored on mobile devices.
Sensitive Personal Information (SPI) Tips and Guidelines
Helpful tips and guidelines for using Sensitive Personal Information (SPI).
Technical Requirements Matrix for 201 CMR 17
The Technical Requirements Matrix for 201 CMR 17 serves as a "cheat sheet" for technical requirements for systems that house records containing Personal Information.
Tufts Box Use Guideline
This Guideline describes the Tufts Box service and its appropriate use.
Tufts Off-Campus, Telecommuting, and Personal Devices Guidelines
These Guidelines describe actions you can take to protect Tufts information and resources when working outside the Tufts on-campus computing and network infrastructure and when using personal devices.
Tufts Password Policy
The Tufts Username and Tufts Password are contemporary credentials provided centrally to individuals and maintained to help the community manage access to business critical, regulated, personal, private and other forms of information in the University.
Tufts Security and Privacy Program
This Security and Privacy Program supports compliance with Massachusetts laws for safeguarding personal information and the requirement for a Written Information Security Program (WISP).
Tufts Two-factor Authentication (2FA) Policy
This policy for Two-factor Authentication (2FA) ensures the community takes precautions to safeguard their identity, data and Tufts resources.
Tufts University Participant Operating Practices for InCommon Federation
This policy outlines the requirements for Tufts as "Participant Operating Practices for InCommon Federation" participation.
Did you find what you were looking for on this webpage?