APPENDIX TO POLICY

Data Security Classifications by Type

Overview

This appendix assists University community members in identifying the appropriate data security classification (Private-Highly Restricted, Private-Restricted, or Public).

Data Security Classification Examples

The following chart provides examples of data by the corresponding data security classification:

Data ClassificationExamples
Public
  • Employee data:
    • Name
    • Employee ID
    • Salary
    • Gross Pension
    • Value and nature of fringe benefits
    • Expense reimbursements
    • Job titles
    • Job description
    • Education and training
    • Previous work experience
    • First and last employment
    • Existence and status of complaints
    • Terms of buy-out agreements
    • Work location
    • Work phone number
    • Badge number
    • Honors and awards
    • Payroll timesheets
  • Student Directory (unless the student has requested non-disclosure)
    • Name
    • Address
    • Electronic (email) address
    • Telephone number
    • Dates of enrollment
    • Enrollment status
    • Major
    • Advisor
    • College
    • Class
    • Academic awards
    • Degree received
  • Financial data on public sponsored projects
  • Course offerings
  • Invoices and purchase orders
  • Budgets
Private-Restricted
  • Trade secrets or intellectual property such as research activities
  • Birth date
  • Home phone number
  • Home address
  • Driver's License
  • Location of assets
  • Passwords
  • Parking leases
  • Anonymous donors
  • Gender
  • Ethnicity
  • Citizenship
  • Citizen visa code
  • Veteran and disability status
  • Linking a person with the specific subject about which the library user has requested information materials
  • Sealed bids
  • Non-Directory Student data
    • Grades
    • Courses taken
    • Schedule
    • Test scores
    • Advising records
    • Educational services received
    • Disciplinary actions
    • Student ID
    • Immunization records
Private-Highly Restricted
  • Social Security Number
  • Legal investigations conducted by the University
  • Proprietary research
  • Medical records, protected health information as defined by Health Insurance Portability and Accountability Act (HIPAA)
  • Credit card information regulated by the Payment Card Industry Data Security Standard (PCI DSS)

Document Feedback