What Constitutes Confidential and Restricted Data

Topic

Learn how data is classified as confidential and restricted data at Ferris.

Information

Confidential Data

Highest sensitivity

Note: Emails containing confidential data should always be encrypted. 

Employee Data

  • SSN
  • Driver’s License
  • Passport Information
  • Race, ethnicity, and/or nationality, gender
  • Financial Accounts (checking, savings, brokerage, CD, credit and/or debit cards, etc.) (Ferris corporate card numbers)
  • Date of Birth
  • Salary/Payroll information (W-2, W-4, Bulldog Card, union dues) (garnishments, child support, separation agreements, etc.) (Worker’s Compensation, disability claims)
  • Personnel Records, performance reviews, benefit information
  • OSHA reportable findings
  • Passwords/PIN numbers

Student Data

  • Academic status
  • Student Campus-Wide ID (101xxxxx)
  • Date of birth (May be different for athletic eligibility use)
  • Mass mailing of email address
  • Race, ethnicity, and/or nationality, genders
  • Grades
  • GPA
  • Student Identification/ID Card Photographs (exception made for University sports photos)
  • Residency status
  • Student’s class schedule
  • SSN
  • Test scores
  • Universal Indicator Code (UIC)
  • Student background checks
  • Student misconduct files/Student Judicial Services files
  • Student and parent financial information
  • NCAA documentation
  • SEVIS/immigration information
  • Passwords/PIN numbers

HIPAA Information

  • Name
  • Geography (Zip Code, city)
  • Dates (birth, admitted)
  • Phone
  • Fax
  • Email information
  • SSN
  • Medical ID
  • Health plan ID
  • Account numbers
  • Certificate numbers
  • License plate/VIN
  • Device IDs or serial numbers
  • URLs
  • IP address
  • Biometrics
  • Facial photographs
  • Any other unique ID (diagnosis code, etc.)

Miscellaneous Information

  • Library transactions (e.g., circulation, etc.)
  • Public Safety’s case information
  • Vendor information with SSN or Confidential information
  • Audit logs
  • IT system event data
  • Data incident/breach information
  • IT infrastructure information (firewall/network)
  • General Counsel’s case information
  • IT system configuration information
  • All other credit card information (PCI data)

Restricted Data

Note: Please consider encrypting emails containing restricted data. When in doubt, encrypt the email!

Employee Data

  • Employee Campus-Wide ID (101xxxxx)
  • Directory/contact information designated by the owner as “Private”
  • Ferris owned cell phone numbers, except with departmental approval
  • Programming code

Business/Financial/Management Data

  • Financial transactions which do not include confidential data
  • Contracts that don’t contain PII
  • University’s credit report
  • Records on spending, borrowing, net worth
  • Annual budget information
  • Budget account numbers
  • Conflict of Interest disclosures
  • University’s investment information, except with departmental approval
  • University building blueprints

Academic/Research Information

  • Unpublished research or research detail/results that are not confidential data
  • Private funding information
  • Aggregate human subject information
  • Course evaluations

Donor Information

  • Telephone/fax numbers, email, employment information
  • Family information (e.g., spouses, partner, guardian, children, grandchildren, etc.) (follow-up with Mary Kay about this)
  • Medical Information

Legal Information

  • Data for a pending/potential legal case(s)
    • Client/Defendant information
    • Attorney-client privilege
Please Note: This is not meant to be an all-inclusive list.
Print Article

Details

Article ID: 9491
Created
Tue 7/9/24 1:34 PM
Modified
Tue 7/9/24 1:42 PM

Related Articles (2)

Encrypt an Email in Microsoft Outlook
How to encrypt an email in Outlook.
Reading Encrypted Outlook Email Messages
How to read an encrypted email.