All Seattle Pacific University Institutional Data is classified into one of the four classifications or sensitivity levels described below: Restricted, Confidential, Internal, and Public.
For more detail regarding handling of Regulated Data, the Regulated Data Chart provides an overview of the types of regulated data that are permitted in various systems/platforms.
RESTRICTED
Data are classified as restricted if:
- disclosure could cause severe harm to individuals and/or the university, including exposure to criminal and civil liability
- the University is required to self-report to the government or the public notice if the data is inappropriately accessed or handled
- legal and/or compliance regime may require assessment or certification by an external, third party
- loss of confidentiality, integrity or availability of the data has a significant risk to the University's reputation, finances, life and safety of the community, or increases security risk of other systems and data
CONFIDENTIAL
Data are classified as confidential if:
- disclosure could cause significant harm to individuals and/or the university, including exposure to criminal and civil liability
- the data is subject to legal and regulatory requirements due to data that are individually identifiable, highly sensitive and/or confidential
- loss of confidentiality, integrity or availability of the data has a moderate risk to the University's mission, reputation and/or finances
- exposure poses low risk to life and safety
INTERNAL
Data are classified as internal if:
- Disclosure could cause limited harm to individuals and/or the university with some risk of civil liability.
- May be subject to contractual agreements or regulatory compliance, or is individually identifiable, confidential, and/or proprietary.
- loss of confidentiality, integrity or availability of the data has a little risk to the University's mission, reputation and/or finances
- exposure poses no risk to life and safety
PUBLIC
Data are classified as public if:
- data is intended for public release
- loss of confidentiality, integrity or availability of the data has a no risk to the University's mission, reputation and/or finances
- exposure poses no risk to life and safety