Data protection laws exist within the U.S. (federal and state) and in numerous other countries. The purpose of the laws is to regulate the use and handling of data. For Yale faculty, staff, and students, data protection laws pose two main challenges:
- Privacy: how to use and share data for legitimate research and other purposes, while protecting personally identifiable information.
- Security: how to secure personal data in order to prevent unintentional disclosures, access by unauthorized persons, or improper use by unauthorized persons.
Depending upon the specifics of your international work, including whether you transmit or transport data from one country to another, you may need to comply with the data protection laws of more than one jurisdiction.