Data Classifications
This document describes the four classification levels of institutional data at Indiana University, and provides a list of data elements at that level. For general or background information, please see the Knowledge Base document: What is institutional data?
From most sensitive to least sensitive, the university data classifications are:
| Critical | Inappropriate handling of this data could result in criminal or civil penalties, identity theft, personal financial loss, invasion of privacy, and/or unauthorized access to this type of information by an individual or many individuals. |
|---|---|
| Restricted | Because of legal, ethical, or other constraints, may not be accessed without specific authorization, or only selective access may be granted. |
| University-internal | May be accessed by all eligible employees of the university, without restriction, in the conduct of university business; should be the "default" classification for all data, and access restrictions should be applied only as required below. |
| Public | Few restrictions; general public may be granted access. (Some data elements classified as public may have certain dissemination restrictions. For more information, contact the Office of the VP and General Counsel.) |
For more information about data classification, visit the Committee of Data Stewards' Data Classification page.