This document describes the four classification levels of institutional data at Indiana University, and provides a list of data elements at that level. For general or background information, please see the Knowledge Base document: What is institutional data?
From most sensitive to least sensitive, the university data classifications are:
|Critical||Inappropriate handling of this data could result in criminal or civil penalties, identity theft, personal financial loss, invasion of privacy, and/or unauthorized access to this type of information by an individual or many individuals.|
|Restricted||Because of legal, ethical, or other constraints, may not be accessed without specific authorization, or only selective access may be granted.|
|University-internal||May be accessed by all eligible employees of the university, without restriction, in the conduct of university business; should be the "default" classification for all data, and access restrictions should be applied only as required below.|
|Public||Few restrictions; general public may be granted access. (Some data elements classified as public may have certain dissemination restrictions. For more information, contact the Office of the VP and General Counsel.)|
For more information about data classification, visit the Committee of Data Stewards' Data Classification page.