Do you know the difference?

It's important to know what kind of information you are working with so you can protect it properly. Here's a simple guide to help.

Restricted Data - super sensitive information. Restricted data is "notice-triggering", meaning, we need to notify people if there has been unauthorized access or disclosure of this information. Leaks of this type of information can lead to identity theft, news coverage/publicity, and reputational damage and costs to the university.

Examples: Social Security Number (SSN), driver's license/state ID numbers, financial account numbers, credit card numbers, personal medical and medical insurance information, and passwords.

red light

STOP: Restricted data requires the highest level of security, often driven by legal and regulatory requirements and penalties.

  • Store and send securely. Restricted data should not be stored on mobile devices.
  • Don’t post online.
  • Don’t send or store in Google or other services unless encrypted.
  • Only share with authorized people via a secure method of transport. 

----------------------------

Confidential Data - Moderately sensitive information. Not notice-triggering. This information needs to be protected from unauthorized access.

Examples: home address and phone, birth date, gender, religious or sexual orientation, and other non-RD personal information; student records, grades, evaluations, letters of recommendation; sensitive research (this can also be classified as restricted, such as with certain government research).

yellow lightPROCEED WITH CAUTION: Protect from unauthorized access. Don't post publicly online. May not be OK to send or store in Google or other services unless encrypted. Check with data owner for guidance.

-----------------------------

Non-Confidential Data - Non-sensitive information.

Examples: Campus directory information (name, campus email address, department, etc.) course catalog info, public web pages.

green light

GO: It's okay to share non-confidential information with others or post online. It's also okay to send and store this information in Google and other services.

-----------------------------

For more information, visit the ITS Security Training pages:

Additional Cyber Security Information: http://its.ucsc.edu/security/

For questions or assistance, contact the ITS Support Center: itrequest.ucsc.edu, help@ucsc.edu, 459-HELP, 54 Kerr Hall.