Skip to Main Content

Marian University Data Classifications

The purpose of data classifications is to provide a framework for identifying and managing university data based on its sensitivity, intended use, and potential impact if disclosed, altered, or lost.

Overview

Decision Tree Questions

The purpose of this decision tree is to provide a clear and user-friendly method for determining the appropriate security classification for university data. By following a simple series of questions, users can quickly assess the sensitivity of the data they are handling and ensure that it is protected according to institutional policies. This tool helps minimize data security risks, protect sensitive information, and promote compliance with legal and ethical standards.

 

Key Points to Consider

  1. Think of the Audience: Who is allowed to see this data?
  2. Assess Potential Risks: What happens if this data is shared without permission?
  3. Protect Accordingly: Follow the necessary safeguards for the classification level.

Decision Tree Questions

Questions to Determine Data Classification

Start at the first question and determine if the data is publicly available. Follow the path based on your answers, proceeding to the next question if necessary. Arrive at a classification based on the responses and refer to the quick reference table for examples. Apply appropriate security measures to handle the data according to its classification level. If uncertain, consult IT or data governance personnel for additional guidance.

1. Is this information available to anyone in the general public?

  • Examples: Public website content, press releases, event flyers.
    • If YESClassification: Public Data (No restrictions).
    • If NO → Go to Question 2.

2. Does this information contain personal, academic, or financial data about individuals?

  • Examples: Grades, student ID numbers, payment details.
    • If YES → Go to Question 3.
    • If NOClassification: Internal/Private Data (General internal use only).

3. Could sharing this information without permission cause harm, legal issues, or breaches?

  • Examples: Health records (HIPAA), FERPA data, Social Security numbers, research with legal restrictions.
    • If YESClassification: Sensitive/Highly Confidential Data (Highest security required).
    • If NOClassification: Confidential/Restricted Data (Secure handling required).

Quick Reference Guide

Quick reference table for data classifications.

Data Type

Classification

Examples
Public Information Public Data Website content, event flyers, press releases
Internal University Details Internal/Private Data Meeting agendas, staff directories, emails
Personal Academic Records Confidential/Restricted Data Grades, financial aid info, student IDs
Legally Protected Data Sensitive/Highly Confidential Health records, Social Security numbers, research