NEIT Data Classification Standard
Data Type | Description & Examples | Data Classification |
Contractual Non-Disclosure | Information, materials, data and records designated confidential by contract, including information obtained by the University from third parties under non-disclosure agreements or any other contract that designates third party information as confidential. | Internal |
Departmental Administration | Budgetary, departmental, or University planning information. Non-public financial, procurement, health/safety, audit, insurance and claims information. | Internal |
Law Enforcement Information | Non-public law enforcement records generated or maintained by Public Safety. | Privat |
Payment Card Industry (PCI) Information | Information related to credit, debit, or other payment cards. This data type is governed by the Payment Card Industry (PCI) Data Security Standards and overseen by the Bursar’s Office. Credit or debit card information cannot be stored in any electronic format.
| Restricted |
Private Personal Information | This is a category of sensitive information that is associated with an individual person, such as an employee, student, or donor. For everyone:
For employees:
For donors:
| Private |
Proprietary Intellectual Property | Proprietary intellectual property in which the University asserts ownership that is created by University employees in connection with their work. | Internal |
Protected Health Information | Protected Health Information (PHI) is defined by the Health Insurance Portability and Accountability Act (HIPAA). PHI is individually identifiable health information that relates to the Past, present, or future physical or mental health or condition of an individual. Provision of health care to the individual by a covered entity (for example, hospital or doctor). Past, present, or future payment for the provision of health care to the individual. The following individually identifiable data elements, when combined with health information about that person, make such information protected health information (PHI):
| Private
Private
|
Student Education Records (FERPA) | Records that contain information directly related to a student and that are maintained by the University or by a person acting for the University. The Family Educational Rights and Privacy Act (FERPA) governs release of, and access to, student education records. “Directory information” about a student is not regulated by FERPA and can be released by the University without the student’s permission. Students can request non-disclosure from the Registrar’s Office. | Private |
Student Loan Application Information (GLBA) | Personal financial information held by financial institutions and higher education organizations as related to student loan and financial aid applications. Gramm Leach Bliley Act (GLBA) provisions govern this data type. | Private |
Financial Information | Bank account numbers (excluding wire transfer/payment account information on invoices RECEVIED by NEIT)
| Restricted |
Technical Authenticators |
| Restricted |
Network and systems Information, Architecture, and Related information |
| Internal |