Educause Security Discussion mailing list archives
Re: Data Classification Schema
From: Robert Meyers <remeyers () MAIL WVU EDU>
Date: Fri, 30 Dec 2011 10:13:13 -0500
Can I assume that the University of Rochester is governed by New York FOIA? How does that affect the classifications Confidential and Internal Use Only? While we continue to struggle with codification of data classification, the current suggested structure is Confidential by Legal Definition, Restricted (but available via WV FOIA procedures), and Public. Departmental specific information is still WVU information and therefore subject to the enterprise classifications. Sub-classifications by department implies separate laws governing those divisions which is not the case. In a public agency it is well argued that only legally restricted information such as PII is truly confidential. But that's only my opinion. I've been wrong today a dozen times and it isn't yet lunch time. Bob Robert E. Meyers, Ms.Ed. Educational Program Manager Office of Information Security West Virginia University office: (304) 293-8502 remeyers () mail wvu edu
On Friday, December 30, 2011 at 8:54 AM, "Myers, Julie"
<julie.myers () ROCHESTER EDU> wrote: We have a four level data classification structure at the University of Rochester: Legally Restricted, Confidential, Internal Use Only, Public. I know many university*s have a data classification policy and within that policy examples are highlighted for the reader. I was wondering if anyone has taken their data classification process down to the next level and created a data map / schema to assist the end users and to try remove the shades of gray when trying to classify department specific information ? We continually are question on *what is confidential* and are trying to more clearly define this for our end users. I hope you all have a wonderful New Year ! Thank you, Julie Myers Chief Information Security Officer University of Rochester - University IT julie.myers () rochester edu p: 585.273.1804 c: 585.208.0939 P Think twice before you print CONFIDENTIALITY: This email (including any attachments) may contain confidential, proprietary and privileged information, and unauthorized disclosure or use is prohibited. If you received this email in error, please notify the sender and delete this email from your system. Thank you.
Current thread:
- Data Classification Schema Myers, Julie (Dec 30)
- Re: Data Classification Schema Robert Meyers (Dec 30)
- Re: Data Classification Schema Valdis Kletnieks (Dec 30)
- Re: Data Classification Schema Lewis, David (CIO) (Dec 30)