Body
Topic
Learn how data is classified as confidential and restricted data at Ferris.
Information
Confidential Data
Highest sensitivity
Note: Emails containing confidential data should always be encrypted.
Employee Data
- SSN
- Driver’s License
- Passport Information
- Race, ethnicity, and/or nationality, gender
- Financial Accounts (checking, savings, brokerage, CD, credit and/or debit cards, etc.) (Ferris corporate card numbers)
- Date of Birth
- Salary/Payroll information (W-2, W-4, Bulldog Card, union dues) (garnishments, child support, separation agreements, etc.) (Worker’s Compensation, disability claims)
- Personnel Records, performance reviews, benefit information
- OSHA reportable findings
- Passwords/PIN numbers
Student Data
- Academic status
- Student Campus-Wide ID (101xxxxx)
- Date of birth (May be different for athletic eligibility use)
- Mass mailing of email address
- Race, ethnicity, and/or nationality, genders
- Grades
- GPA
- Student Identification/ID Card Photographs (exception made for University sports photos)
- Residency status
- Student’s class schedule
- SSN
- Test scores
- Universal Indicator Code (UIC)
- Student background checks
- Student misconduct files/Student Judicial Services files
- Student and parent financial information
- NCAA documentation
- SEVIS/immigration information
- Passwords/PIN numbers
HIPAA Information
- Name
- Geography (Zip Code, city)
- Dates (birth, admitted)
- Phone
- Fax
- Email information
- SSN
- Medical ID
- Health plan ID
- Account numbers
- Certificate numbers
- License plate/VIN
- Device IDs or serial numbers
- URLs
- IP address
- Biometrics
- Facial photographs
- Any other unique ID (diagnosis code, etc.)
Miscellaneous Information
- Library transactions (e.g., circulation, etc.)
- Public Safety’s case information
- Vendor information with SSN or Confidential information
- Audit logs
- IT system event data
- Data incident/breach information
- IT infrastructure information (firewall/network)
- General Counsel’s case information
- IT system configuration information
- All other credit card information (PCI data)
Restricted Data
Note: Please consider encrypting emails containing restricted data. When in doubt, encrypt the email!
Employee Data
- Employee Campus-Wide ID (101xxxxx)
- Directory/contact information designated by the owner as “Private”
- Ferris owned cell phone numbers, except with departmental approval
- Programming code
Business/Financial/Management Data
- Financial transactions which do not include confidential data
- Contracts that don’t contain PII
- University’s credit report
- Records on spending, borrowing, net worth
- Annual budget information
- Budget account numbers
- Conflict of Interest disclosures
- University’s investment information, except with departmental approval
- University building blueprints
Academic/Research Information
- Unpublished research or research detail/results that are not confidential data
- Private funding information
- Aggregate human subject information
- Course evaluations
Donor Information
- Telephone/fax numbers, email, employment information
- Family information (e.g., spouses, partner, guardian, children, grandchildren, etc.) (follow-up with Mary Kay about this)
- Medical Information
Legal Information
- Data for a pending/potential legal case(s)
- Client/Defendant information
- Attorney-client privilege
Please Note: This is not meant to be an all-inclusive list.