Institutional Data

Institutional data refers to all information that is created, collected, licensed, maintained, recorded, used, or managed by the University, its employees, and agents working on its behalf, regardless of ownership or origin. The electronic and physical systems owned or licensed by Tufts University used to store and access institutional data are institutional systems. Members of the Tufts community are expected to responsibly maintain and use institutional data regardless of the resource used to access or store the data - whether an institutional system, a privately owned resource, or a third-party resource. The privacy of the personal information of University community members and clients should be protected and additionally the University is subject to several laws regarding data privacy.


The University must comply with the Family Educational Rights and Privacy Act and several Massachusetts Data Privacy Laws which inform the University institutional data policies.

Getting Started

  1. Review the Information Stewardship Policy, which sets forth the responsibility that University employees have towards institutional data and how to manage it.
  2. Review business practices with your Information Steward and run an Identity Finder scan to see if your department has caches of data for which there is no business need.


Information Stewardship Policy
Use of Institutional Systems Policy
Security Policies
Information Classification and Handling Policy
University Records Policy
Confidential Records Destruction