Listing Policy

About the Display of Data in Online Directories

With the rise of federated login and other similar practices, more data about Harvard users have been made accessible to authorized applications, and as a result, the need to maintain strict access controls and protect the privacy of these data has intensified. In addition to conforming to existing legal restrictions requiring protection of some student-related data, Harvard must continue to address the privacy concerns of individuals.

Access to a subset of directory data published in printed and online directories, as well as with telephone operators, is governed by privacy values stored in the IAM Database. For these University-wide online directories, the IAM Database is the system of record for privacy. Privacy for students is managed in accordance with the Family Educational Rights and Privacy Act (FERPA, also known as the Buckley Amendment). Business rules that govern the privacy of the data are subject to review by the Office of the General Counsel. Students should contact their registrar for any privacy-related matters.

A single set of privacy values is managed across all roles (such as student and employee) for individuals. Note that if an individual has invoked privacy under FERPA due to either a current or prior University student role, that individual's data will not be published in directories managed by HUIT. All FERPA-related privacy adjustments must be requested by the individual, in writing, with his or her registrar.

Subject to University-wide and local unit policies, employees and affiliates also have the right to control the availability of certain contact data (including photo ID image) by requesting individualized privacy values via their local directory contacts. For help finding your local directory contact, please contact your local HR office.

For general privacy questions about online directories, contact iam_help@harvard.edu.