Policies and Guidelines

There are a number of policies and guidelines related to the use of technology at Tufts including some about state and federal laws related to university business practices.

Tufts Privacy Statements
Tufts University's Privacy Statement and Terms and Conditions of Use disclose the privacy practices for tufts.edu and other Tufts websites that refer to the statement. The University has also prepared several European Economic Area (EEA) Privacy Statement
Cloud Computing Services Policy
This policy outlines the usage of cloud computing resources that provide services, platforms, and infrastructure supporting a wide range of activities involving the processing, exchange, storage, or management of Tufts University institutional data.
Copyright and Fair Use
Visit the Scholarly Communications at Tufts web site to learn more about the Tufts University Policy On Fair Use of Copyrighted Materials.
COVID-19 SMS Terms of Service
Terms related to Tufts SMS text service for COVID-19 Testing
Digital Millenium Copyright Act and FAQ
Learn about DMCA, a federal law that allows a holder of a copyright to inform an entity that it has violated the copyright, and how it applies to the Tufts community.
Email Standards & Guidelines
Email services are provided to the Tufts community in support of the teaching, learning and research mission of the University and the administrative functions to carry out that mission.
Guide to Massachusetts Data Privacy Laws
Learn more about important Massachusetts data privacy statutes M.G.L. 93H, 93I, and 201 CMR 17.00, including practical advice for compliance.
Information Stewardship Policy
This policy provides core principles for information stewardship at Tufts.
Mailing List Policy
Mailing lists may be used for legitimate purposes related to teaching, course-work, research, administration at Tufts University and university sanctioned student activities.
Network Use Policy
Guidelines for connecting devices to the University network.
Overview of Your Rights and Responsibilities Online
Overview of laws and policies that apply to safe use of University resources when online.
Policies & Standards - Intellectual Property
The Scholarly Communication @ Tufts site provides information for faculty, staff, and students about all aspects of the process used by scholars to share and use the results of their and others' research.
Quick Reference Guide for Sensitive Personal Information (SPI)
This SPI Quick guide includes information about storing and sharing documents; disposal, deletion and redaction; communication or sending to others; and using devices.
Research Tools: Security & Privacy
A list of tools and services reviewed by TTS for use in research studies and information to request a review of a tool or service.
Routine/Preventive (Server & Database) Maintenance Standard
These are the guidelines/standards used by Tufts Technology Services (TTS) Enterprise Infrastructure and Operations (EIO) team for non-critical systems/server patching including all routine/preventative (server & database) maintenance.
Secure Mobile Device Policy
This policy ensures security of both university and personal data stored on mobile devices.
Sensitive Personal Information (SPI) Tips and Guidelines
Helpful tips and guidelines for using Sensitive Personal Information (SPI).
Technical Requirements Matrix for 201 CMR 17
The Technical Requirements Matrix for 201 CMR 17 serves as a "cheat sheet" for technical requirements for systems that house records containing Personal Information.
Tufts Box Use Guideline
This Guideline describes the Tufts Box service and its appropriate use.
Tufts Off-Campus, Telecommuting, and Personal Devices Guidelines
These Guidelines describe actions you can take to protect Tufts information and resources when working outside the Tufts on-campus computing and network infrastructure and when using personal devices.
Tufts Username and Password Policy
The Tufts Username and Tufts Password are contemporary credentials provided centrally to individuals and maintained to help the community manage access to business critical, regulated, personal, private and other forms of information in the University.
Tufts Security and Privacy Program
This Security and Privacy Program - University’s Written Information Security Program (WISP) - sets administrative, technical & physical safeguards to protect Restricted Institutional Data & supports compliance w/privacy & security laws & regulations.
Tufts Two-factor Authentication (2FA) Policy
This policy for Two-factor Authentication (2FA) ensures the community takes precautions to safeguard their identity, data and Tufts resources.
Tufts University Participant Operating Practices for InCommon Federation
This policy outlines the requirements for Tufts as "Participant Operating Practices for InCommon Federation" participation.
Tufts Technology and Information Policy
This Policy provides the CIO the ability to adopt & approve Standards, Baselines, Procedures, Protocols, Guidelines, and other Supporting Documents.