University Policies and Guidelines
The New York University Policies and Guidelines database serves as a central repository for existing, new, and revised policies. Its primary objectives are to standardize policy format, eliminate redundancies, and enhance organization, accessibility, search, and navigation functions for users. University policies are categorized and listed in menus below, with some appearing in multiple categories.
Policy Assistance
While the database provides a comprehensive repository of University policies, it is not exhaustive. For additional assistance with locating a policy, developing and updating policies, or any other policy-related inquiry, contact NYU Ethics and Compliance at policies@nyu.edu.
New University Policies
Export Compliance Policy - Mar. 13, 2024
Legal Holds Policy - Mar. 1, 2024
Gift Acceptance Policy - Jun. 7, 2023
Revised University Policies
Student Policy on Immunization - Jan. 22, 2024
NYU Travel and Expense Policy - Oct. 30, 2023
Promotion and Tenure Guidelines - Sept. 21, 2023
IT Policy Updates
Retention and Disposal of Records Policy - Mar. 1, 2024
This policy supersedes the Retention and Destruction of Records Policy (enacted July 22, 2010). It contains Schedule "1", the Retention Schedule, in its Appendix. The Schedule has been reformatted for ease of use and has been reviewed for digital accessibility. As noted in the policy, "This Schedule is being reviewed and updated. If you need a longer retention period or have other questions, please contact eim@nyu.edu."
Standard for Destruction and Disposal of Electronic Equipment and Data - Feb. 29, 2024
The policy has been updated with the removal of the Service Desk references for help, and by removal of the expectation to redeploy software licenses from the policy as that is increasingly uncommon with modern licensing, so should not be in the policy as a requirement.
Data and System Security Policy - Feb. 14, 2024
The CISO’s office provided two major updates to this policy. One concerns passwords, which now shall be 14 or more characters in length. The second concerns Operating System Protection which emphasizes the installation of GOIS-approved solutions for threat detection and prevention of malicious code, intrusions, and vulnerable software.
New York University GLBA Information Security Program - Feb. 14, 2024
The update to this policy concerns the units identified as the GLBA-affected areas.
Policy on Compliance with Cybersecurity Requirements of NYS Department of Financial Services - Feb. 14, 2024
The update to this policy concerns the units identified as in scope for the DFS regulation.
IT Scheduled Maintenance Guidelines - Jan. 23, 2024
This document provides the most current information for those members of the NYU community who need to plan activities around maintenance dates.
Policy Against Information Blocking of Electronic Health Information - Sept. 2023
The policy update concerns the enforcement of information-blocking penalties for health IT entities and is the entire third paragraph of the Background section of the policy.