Skip to content Skip to site navigation Skip to service navigation

Who is covered by Stanford's computer security mandate?

All active Stanford University faculty and staff are subject to the security mandate requiring encryption. Anyone who handles High Risk Data is likewise covered by the mandate, including student employees. Some university schools, departments, or organizations might impose more stringent requirements.

The following tables describe in detail who is and is not covered by the security mandate.

Faculty affiliations

Affiliation QualifIer Device Compliance Mandated Cardinal Key Mandated
faculty active mandated mandated
faculty onleave mandated mandated
faculty emeritus mandated not mandated
faculty otherteaching mandated mandated
faculty affiliate mandated mandated
faculty slac mandated mandated
faculty retired mandated not mandated
faculty nonactive not mandated not mandated
affiliate fellow mandated mandated
affiliate visitingscholarvs conditional* not mandated
affiliate visitingscholarvt not mandated not mandated
affiliate sponsored conditional* not mandated
affiliate courtesy not mandated not mandated
affiliate nonactive not mandated not mandated
* If faculty or affiliates respond to the device enrollment questionnaire that they work with or could receive High Risk Data or Protected Health Information (PHI), they are subject to the mandate. Otherwise, they are not subject to the mandate.

Staff affiliations

Affiliation Qualifier Device Compliance Mandated Cardinal Key Mandated
staff active mandated mandated
staff academic mandated mandated
staff onleave mandated mandated
staff emeritus mandated not mandated
staff otherteaching mandated mandated
staff temporary mandated mandated
staff casual mandated mandated
staff affiliate mandated mandated
staff student conditional* conditional
staff retired mandated not mandated
staff nonactive not mandated not mandated
staff (sumc)   not mandated not mandated
staff (sumc) nonactive not mandated not mandated
* If  staff respond to the device enrollment questionnaire that they work with or could receive High Risk Data or Protected Health Information (PHI), they are subject to the mandate. Otherwise, they are not subject to the mandate.

Student affiliations

Affiliation Qualifier Device Compliance Mandated Cardinal Key Mandated
student active not mandated not mandated
student onleave not mandated not mandated
student postdoc mandated mandated
student ndo not mandated not mandated
student incoming not mandated not mandated
student contingent not mandated not mandated
student notregistered not mandated not mandated
student recent not mandated not mandated
student nonactive not mandated not mandated
Last modified September 1, 2023