OIT revises Data Management Procedures, publishes Data Sensitivity Framework

As part of a continuing effort to safeguard the university’s most sensitive data, OIT coordinated a major revision to REG 08.00.03 – Data Management Procedures that:

  • explains how the university defines what data are sensitive and need to be handled with extra care,
  • describes the flow of authority for all university data, and
  • characterizes five new levels of data classification:
    • Purple: Ultra-sensitive,
    • Red: Highly sensitive,
    • Yellow: Moderately sensitive,
    • Green: Normal, not sensitive, and
    • White: Unclassified.

Because the management of sensitive data can be a complex and highly interpretive task, OIT has published the Data Sensitivity Framework, a complement of supporting documentation intended to help the university community interpret and apply the regulation.

Where to go for help

Data sensitivity is an issue that raises many questions, and these documents will help you begin to resolve those questions. If you need additional assistance, please contact security@ncsu.edu.