Policies & Procedures
Duke University Policies
Please click the line above to view Duke's internal standards and procedures (NetID required).
OIT Protected Network: Policies and Procedures
Departmental policy templates (referenced in the above standards)
- HHS HIPAA Security rule guidance (Administrative, Physical, Technical, & Organizational Safeguards)
- NIST's HIPAA Security rule toolkit
- campus machines collecting, storing, or using ePHI in any way must comply with the ITSO technical standards (above) requirements for Sensitive data.
IT Security Vendor Assessments