Duke Security Offices use policies, procedures, standards, and other documents to communicate our strategic security objectives for the protection of Duke data and systems. 

Policies, procedures, and standards are organized into the following categories. Select the category to learn more about finding the requirements that apply to Duke University and Duke Health. 

Security Program

Application Security

Data Security

Device Security

Access Security

Vulnerability Management

Protected Network

In addition to policies, procedures, and standards, Duke’s Security Offices publish position statements to outline their views on security-related topics and provide guidance concerning Duke standards that may be developed into policies, procedures, or standards in the future. 

Look at the top of the document to identify whether the document is applicable to Duke University, Duke Health, or both.

Duke University

Duke University security policies, procedures, standards, and positions are listed on this site. Documents are grouped by category.

Duke Health

To find Duke Health security policies and standards:  (Am I Duke Health?)

Policies can be found at Policy Tech at dukeuniversity.policytech.com. You can select Duke Health enterprise and see a grouping of information security policies and standards.

Learn more about obtaining exceptions to Duke Health security policies in the following video:

Recent Document Updates

There are no News items to show.