Data Management Framework

To meet applicable federal, state, regulatory and contractual requirements, we must work together to protect university data from theft, compromise, and inappropriate use. The Data Management Framework helps all of us assess the sensitivity levels of the data we work with.  Subsequently, we can learn how to secure the data from such risks as unauthorized destruction, modification, disclosure, access, use, and removal.

UPDATES are a work-in-progress:  Please be advised that guidance and links to other pages are being updated to reflect changes made to the recently updated REG 08.00.03 Data Management Regulation.  If you need help understanding or implementing this regulation per the guidance provided here, please contact Security & Compliance by sending an email to

How Sensitive is My Data?

To determine how to assess the university data you access, see Tables of Data Elements, from the Determining Sensitivity Levels for Shared Data web page.

Once you know the classification level of the data you work with, see Storage Locations for University Data to store it and protect it appropriately.

Controls for Securing University Data provides a guide for developing internal operating procedures relevant to your working context and data-sensitivity level.

Related Documents