Learn how you can guard against loss or unauthorized disclosure of University data.
As explained at Know Your Data and How to Protect University Data:
It is important that you familiarize yourself with the types of data entrusted to you, how you are accessing the data, and how you are storing the data. You are required to adhere to the University's security policies, laws, and contractual agreements for the type of data entrusted to you.
Loss or unauthorized disclosure of private data can harm individuals and the University and may violate laws such as the Family Educational Rights and Privacy Act (FERPA) or the Health Insurance Portability and Accountability Act (HIPAA).
What do you need to do to follow the University requirements to protect the data that you access or use?
It is important that you familiarize yourself with the types of data entrusted to you, how you are accessing the data, and how you are storing the data. You are required to adhere to the University's Information Security Policy and the Data Security Classification Policy, laws, and contractual agreements for the type of data entrusted to you. Follow the steps below, if you use a personally owned computer and/or device or are responsible for self-managing your University-provided computer and/or device.
Identify Your Data's Security Classification
Identify the security level using the data security classification of the data you work with. Then, identify your data security level.
Identify Your Data's Security Level
The University uses the following three security levels. (A text description of the following chart is available.)
Use the Identifying Security Level appendix to determine the security level. Use the security level to identify the information security controls you are required to meet on the computer/device.
Apply the Information Security Standards
The information security standards define the most current controls required for each security level.
- Apply the Information Security standards on your computer/device.
- Periodically review the Information Security standards for updates.
Report Unauthorized Access or Disclosure Immediately
Text Description of 3 Security Levels Chart
- Large amount of data
- Legally protected data
- Impact on critical functions
- Smaller amount of data
- Private and/or public data
- Lower impact on critical functions
- Smallest scope
- Public data
- Low/no impact on critical functions
- Practice Safe Computing
- Information Security Awareness Topics
- University IT Policies:
- Learn how to report information security issues