How To

Configure host based firewalls

Servers may be configured with host-based firewalls that are configured to block all server-to-server communications except where communication is specifically required.

Destroy records with confidential information

Shred papers, CDs, DVDs, etc. with confidential information using Harvard's approved shredding vendor (Data Shredder) or a crosscut shredder. DataShredder also provides hard drive destruction service. The Harvard agreement provides prescheduled pickup service for bins and office consoles and a onetime purge service. A certificate of destruction is always provided for services under contract.

For more information on the University Master Service Agreement please refer to:

...

Read more about Destroy records with confidential information

Coordinate to ensure safe faxing

Contact the recipient in advance to ensure that the Level 3 or 4 confidential information is removed from the fax machine promptly. Do not fax to an unattended machine or to one in an open area.

Transfer records securely and confirm receipt

Options to meet this requirement:
In every case below, use a sealed envelope.

When you can or when the risk dictates [sensitivity, number of records], choose hand delivery or ensure tracking/delivery confirmation. Ensure that you put in a mailbox or FedEx box as opposed to leaving in a basket in an open area for someone else to do so.

-Hand deliver (make sure you hand it to the intended recipient )
-University mail (up to Level 3)
-US Mail (use tracking/delivery confirmation where practical)
-FedEX/UPS (use tracking/delivery...

Read more about Transfer records securely and confirm receipt

Track access to Level 4 information

Create a log of user access to level 4 data, identifying user name, date and time of access, and brief justification statement. Note access method (key or swipe).