Data Sensitivity Framework


The university’s data are among its most valuable assets. In order to meet applicable federal, state, regulatory and contractual requirements, we need to protect university data from theft, compromise, or inappropriate use. The Data Sensitivity Framework enables users of university data both to assess its sensitivity level and secure it accordingly from risks which may include, but not be limited to, unauthorized destruction, modification, disclosure, access, use and removal.

If you want to determine how strictly you should treat university data, review Tables of Data Elements, part of the Determining Sensitivity Levels for Shared Data document, to narrow in on a color-coded sensitivity level that best applies to the data you’re working with.

If you already know the color and/or classification level of data you’re handling, Storage Locations for University Data shows where it’s ok (and not ok!) to store it to keep it appropriately protected.

Controls for Securing University Data – Best Practices provides a guide for developing internal operating procedures relevant to your working context to ensure you’re protecting sensitive data to an appropriate degree for your work context.

Data Sensitivity Framework – Full Complement of Documents