Data Classification Levels, Information Technology

Title: Data Classification Levels, Information Technology
Policy Owner: Information Security Office
Applies to: Students, Employees, Users
Campus Applicability:  All Campuses, except UConn Health
Effective Date: May 16, 2012
For More Information, Contact Chief Information Security Officer
Contact Information: (860) 486-8255
Official Website: http://security.uconn.edu/

This policy is available in the Information Security Policy Manual.

Confidential Data requires the highest level of privacy and may not be released. Confidential Data is data that is protected by either:

  • Legal or regulatory requirements (e.g., HIPAA)
  • Contractual agreements (e.g., Non Disclosure Agreements)

See the extended list of Confidential Data for common types of confidential data.

Protected Data must be appropriately protected to ensure a lawful or controlled release (e.g. Connecticut Freedom of Information Act requests). This is all data that is neither Confidential or Public data (e.g., employee email).

Public Data is open to all users, with no security measures necessary. Data is public if:

  • There is either an obligation to make the data public (e.g., Fact Sheets), or
  • The information is intended to promote or market the University, or pertains to institutional initiatives (e.g., brochures)

Policy Created: May 16, 2012