Policies, Standards, & Procedures
Enter a keyword and/or use the dropdown options. Then click SEARCH.
Duke has defined three classes of information: Sensitive, Restricted and Public.
The purpose of this document is to establish and promote the ethical, legal, and secure use of computing and electronic communications for all members of Duke University and its affiliated entities.
When a Duke employee or student leaves the University, their account information (such as email electronic files, voice mail, and other data) will not be made available to a third party except in rare cases as defined in the Duke Acceptable Use Policy.
All data must be reasonably and appropriately managed to maintain data integrity, availability, and, when required, confidentiality to protect against accidental or unauthorized access, modification, disclosure and destruction.
This FAQ is a companion to Duke's Data Security Policy.
The Secure System Usage Memo provides specific steps to help protect the personal information of Duke Health patients, their loved ones and each other.
In an effort to improve the security of all Duke’s websites, the IT Security Office (ITSO), Office of Information Technology (OIT) and Duke Web Governance Group have developed guidance and options for those managing websites at Duke.
Minimum Security Standards: Applications
Minimum Security Standards: Servers