What Constitutes Confidential and Restricted Data

Topic

Learn how data is classified as confidential and restricted data at Ferris.

Information

Confidential Data

Highest sensitivity

Note: Emails containing confidential data should always be encrypted. 

Employee Data

  • SSN
  • Driver’s License
  • Passport Information
  • Race, ethnicity, and/or nationality, gender
  • Financial Accounts (checking, savings, brokerage, CD, credit and/or debit cards, etc.) (Ferris corporate card numbers)
  • Date of Birth
  • Salary/Payroll information (W-2, W-4, Bulldog Card, union dues) (garnishments, child support, separation agreements, etc.) (Worker’s Compensation, disability claims)
  • Personnel Records, performance reviews, benefit information
  • OSHA reportable findings
  • Passwords/PIN numbers

Student Data

  • Academic status
  • Student Campus-Wide ID (101xxxxx)
  • Date of birth (May be different for athletic eligibility use)
  • Mass mailing of email address
  • Race, ethnicity, and/or nationality, genders
  • Grades
  • GPA
  • Student Identification/ID Card Photographs (exception made for University sports photos)
  • Residency status
  • Student’s class schedule
  • SSN
  • Test scores
  • Universal Indicator Code (UIC)
  • Student background checks
  • Student misconduct files/Student Judicial Services files
  • Student and parent financial information
  • NCAA documentation
  • SEVIS/immigration information
  • Passwords/PIN numbers

HIPAA Information

  • Name
  • Geography (Zip Code, city)
  • Dates (birth, admitted)
  • Phone
  • Fax
  • Email information
  • SSN
  • Medical ID
  • Health plan ID
  • Account numbers
  • Certificate numbers
  • License plate/VIN
  • Device IDs or serial numbers
  • URLs
  • IP address
  • Biometrics
  • Facial photographs
  • Any other unique ID (diagnosis code, etc.)

Miscellaneous Information

  • Library transactions (e.g., circulation, etc.)
  • Public Safety’s case information
  • Vendor information with SSN or Confidential information
  • Audit logs
  • IT system event data
  • Data incident/breach information
  • IT infrastructure information (firewall/network)
  • General Counsel’s case information
  • IT system configuration information
  • All other credit card information (PCI data)

Restricted Data

Note: Please consider encrypting emails containing restricted data. When in doubt, encrypt the email!

Employee Data

  • Employee Campus-Wide ID (101xxxxx)
  • Directory/contact information designated by the owner as “Private”
  • Ferris owned cell phone numbers, except with departmental approval
  • Programming code

Business/Financial/Management Data

  • Financial transactions which do not include confidential data
  • Contracts that don’t contain PII
  • University’s credit report
  • Records on spending, borrowing, net worth
  • Annual budget information
  • Budget account numbers
  • Conflict of Interest disclosures
  • University’s investment information, except with departmental approval
  • University building blueprints

Academic/Research Information

  • Unpublished research or research detail/results that are not confidential data
  • Private funding information
  • Aggregate human subject information
  • Course evaluations

Donor Information

  • Telephone/fax numbers, email, employment information
  • Family information (e.g., spouses, partner, guardian, children, grandchildren, etc.) (follow-up with Mary Kay about this)
  • Medical Information

Legal Information

  • Data for a pending/potential legal case(s)
    • Client/Defendant information
    • Attorney-client privilege
Please Note: This is not meant to be an all-inclusive list.
Print Article

Related Articles (2)

Encrypt an Email in Microsoft Outlook
How to encrypt an email in Outlook.
Reading Encrypted Outlook Email Messages
How to read an encrypted email.