Universities have long been a favorite target for hackers bent on pilfering private data for identity theft and exploitation. As of August 2014, The Privacy Rights Clearing House PRC Chronology of Data Breaches documented 742 breaches in education since 2005, involving more than 14 million breached records. 

Higher education institutions have a reputation for employing less stringent data security protocols which increases the potential of accidental data loss and exposure. The breadth and volume of personal data collected by universities, coupled with high turnover and a technically un-savvy population in general, makes the problem of data loss at institutions nearly epidemic in nature.

Some information that is considered sensitive data requires special care and handling. Inappropriate handling of the data could result in penalties, identity theft, financial loss, invasion of privacy, or unauthorized access by an individual or many individuals. The data could also be subject to regulation by state or federal laws and require notification in the event of a disclosure.

Improper disclosure of sensitive data can damage the image and reputation of the Institute, cause financial loss and embarrassment to students, faculty, and staff, and incur legal obligations and financial costs related to notifying the individuals affected by the disclosure.

It is in everyone's interest to ensure that the Institute's sensitive data is appropriately protected. It is also everyone's responsibility to safeguard such data.

This site provides:

• information to help the MIT community protect the data the Institute handles during its day-to-day operations; and
• steps for individuals to protect their own personal data.