Permission to access resources in a digital domain (after positive authentication)

Information about a person or an entity that, if disclosed, could reasonably be expected to place the person or the entity at risk of criminal or civil liability, or to be damaging to financial standing, employability, reputation or other interests.

Text approved by Harvard counsel to be appended to Harvard contracts in which the vendor is working with Harvard confidential information. The contract riders specify the protections that must be implemented and the criteria that must be met in order for a vendor to work with Harvard confidential information.

Information that can be used to identify individuals either directly or indirectly must be removed. For information to be de-identified under HIPAA, 18 separate identifiers must be removed from the individual's record before that information can be considered de-identified. Covered entities have the option of stripping fewer identifiers from i [..]

The algorithmic transformation of a data set to an unrecognizable form using an encryption key. The original data set or any part thereof can be recovered only with knowledge of a secret decryption key.

Family Educational Rights and Privacy Act; a federal law that requires protecting the privacy of student records.  Learn more about the Family Educational Rights and Privacy Act

A limited data set contains more information about individuals than de-identified data. A limited data set permits use of some identifiable health information, while excluding direct identifiers. This type of disclosure requires a Data Use Agreement between the researcher and the covered entity that establishes the permitted uses and disclosures of [..]

Data set that contains personally identifiable data. Not all data sets can be reasonably de-identified (for example, an audio recorded interview in which a subject identifies him or herself, or a videotape that includes images of subject’s face). In this case, the data set must be considered a non de-identified data set.

Any data that can be linked to individual subjects involving medical information, personal financial information, social security numbers, and any information the disclosure of which outside the research could reasonably place the subjects at risk of criminal or civil liability or be damaging to the subjects' financial standing, employability, [..]