Skip to content

Security and Privacy Policies

The Data Analytic Core (DAC) Information Systems (IS) are designed to ensure the protection of confidentiality, integrity, and availability of the Information Resources (IR) it contains. The security and privacy policies are designed to meet compliance with NIST SP800-53, in accordance with requirements under Data Use Agreements with the Centers for Medicare and Medicaid Services. All policies are specific to DAC Information Systems and do not represent compliance with these controls for any other Information System at Dartmouth College.

Below under development

Security Controls

Access Control (AC)

Awareness and Training (AT)

Audit and Accountability (AU)

Security Assessment and Authorization (CA)

Configuration Management (CM)

Contingency Planning (CP)

Identification and Authentication (IA)

Incident Response (IR)

Maintenance (MA)

Media Protection (MP)

Physical and Environmental Protection (PE)

Planning (PL)

Program Management (PM)

Personnel Security (PS)

Risk Assessment (RA)

System and Services Acquisition (SA)

Systems and Communication Protection (SC)

System and Information Integrity (SI)

Privacy Controls

Authority and Purpose

Accountability Audit Risk Management

Data Quality Integrity

Data Minimization Retention




Use Limitation

Please contact the DAC for any concerns, complaints, or questions regarding DAC Privacy Practices at:

Important Update: DAC staff are working remotely in support of social distancing efforts. As a result, there may be slower than usual response times and reprioritization of work.