All Seattle Pacific University Institutional Data is classified into one of the four classifications or sensitivity levels described below: Restricted, High, Moderate, and Low. For more detail, see:
- About Sensitive Data Classification. Classification levels drive required and recommended protections.
Examples of Sensitive Data by U-M Role. Data examples grouped by the U-M community members who work with them the most.
Sensitive Data Guide to IT Services. Which IT services at U-M can be used to store and share particular data types.
| Panel |
|---|
| bgColor | #F9F9F9 |
|---|
| borderWidth | 0 |
|---|
| titleBGColor | #f44336 |
|---|
| title | RESTRICTED |
|---|
|
- Disclosure could cause severe harm to individuals and/or the university, including exposure to criminal and civil liability.
- Has the most stringent legal or regulatory requirements and requires the most prescriptive security controls.
- Legal and/or compliance regime may require assessment or certification by an external, third party.
| Expand |
|---|
| - HIPAA protected health records
- PCI-DSS regulated credit card information
- FISMA protected research
|
|
| Panel |
|---|
| bgColor | #F9F9F9 |
|---|
| borderWidth | 0 |
|---|
| titleBGColor | #f57c00 |
|---|
| title | HIGH |
|---|
|
- Disclosure could cause significant harm to individuals and/or the university, including exposure to criminal and civil liability.
- Usually subject to legal and regulatory requirements due to data that are individually identifiable, highly sensitive and/or confidential.
| Expand |
|---|
| - Attorney client privilege records
- Financial accounts and direct deposit information
- Human Subject research data
- Social Security Numbers
- Student loan application information (GLBA)
|
|
| Panel |
|---|
| bgColor | #F9F9F9 |
|---|
| borderWidth | 0 |
|---|
| titleBGColor | #ffc107 |
|---|
| title | MODERATE |
|---|
|
- Disclosure could cause limited harm to individuals and/or the university with some risk of civil liability.
- May be subject to contractual agreements or regulatory compliance, or is individually identifiable, confidential, and/or proprietary.
| Expand |
|---|
| - Building plans and associated information
- Contracts with third-party entities
- Donor records (individual)
- Employee records (multiple types)
- Emergency planning information
- Immigration documents (such as visas)
- Intellectual or other proprietary property
- Student education records (FERPA)
- University non-public financial information
|
|
| Panel |
|---|
| bgColor | #F9F9F9 |
|---|
| borderWidth | 0 |
|---|
| titleBGColor | #4caf50 |
|---|
| title | LOW |
|---|
|
- Encompasses public information and data for which disclosure poses little to no risk to individuals or the university.
- Anyone regardless of institutional affiliation can access without limitation.
| Expand |
|---|
| - Course catalogs and time schedule
- Faculty, staff, and student directory information (unless there is a privacy block)
- General institutional and business information not classified as Restricted, High, or Moderate
- Information in the public domain
- Public websites
- Published research (barring other publication restrictions)
- Research Awards
- Research Proposals
|
|