Data Sensitivity Framework
The university's data are among its most valuable assets. In order to meet applicable federal, state, regulatory and contractual requirements, we need to protect university data from theft, compromise, or inappropriate use. The Data Sensitivity Framework enables users of university data both to assess its sensitivity level and secure it accordingly from risks which may include, but not be limited to, unauthorized destruction, modification, disclosure, access, use and removal.
If you want to determine how strictly you should treat university data, review Tables of Data Elements, part of the Determining Sensitivity Levels for Shared Data document, to narrow in on a color-coded sensitivity level that best applies to the data you’re working with.
If you already know the color and/or classification level of data you’re handling, Storage Locations for University Data shows where it's ok (and not ok!) to store it to keep it appropriately protected.
Controls for Securing University Data - Best Practices provides a guide for developing internal operating procedures relevant to your working context to ensure you’re protecting sensitive data to an appropriate degree for your work context.
Data Sensitivity Framework - Full Complement of Documents
- REG 08.00.03 Data Management Procedures
- Determining Sensitivity Levels for Shared Data
Reference guide of data elements and their associated classification. The fundamental 'Data Sensitivity Framework' tables.
- Controls for Securing University Data - Best Practices
For Data Stewards, Application Sponsors, Data Custodians and other IT personnel to use to determine how best to protect their data, based upon sensitivity level of the data.
- Data Categories, Trustees, Stewards, and Custodians
List that reflects the latest university organization and titles.
- Storage Locations for University Data
Explanatory document for end users.
- Data Management Procedures Summary & Guidance
'Plain English Language' version of REG 08.00.03 for quick reference and understanding.
- Frequently Asked Questions - Data Management Procedures
A set of questions and answers about the Data Management Procedures and Data Sensitivity Framework, as initiated by the IT Strategic Advisory Committee.