Data Elements Allowed in Public Cloud Platform

UW-Madison has classified its institutional data assets into risk based categories for determining who is allowed to access institutional data and what security precautions must be taken to protect it against unauthorized access and use. The four classifications are Restricted, Sensitive, Internal, and Public. Additional details on these definitions can be found on the Data at UW-Madison website and the UW-Madison IT Data Classification Policy.

As noted in the IT Data Classification Policy, please use the default classifications as a starting point, and then adjust the classification of a data set based on the combination of data elements present, the regulatory environment, and other factors referred to in the policy.  Context is important!   If you are unsure how to classify your data, please contact cybersecurity@cio.wisc.edu.

Public data elements are allowed in any Public Cloud solution

Data should be classified as Public prior to display on web-sites or once published without access restrictions; and when the unauthorized disclosure, alteration or destruction of that data would result in little or no risk to the University and its affiliates.

Examples of Public data elements include:

  • Published Research Data
  • Campus Maps
  • Job Postings
  • Public Policies & Procedures
  • Information available on a public website
  • Course Information

Internal data elements are allowed in any Public Cloud solution

Data should be classified as Internal when the unauthorized disclosure, alteration, loss or destruction of that data could result in some risk to the University, affiliates, or research projects. By default, all Institutional Data that is not explicitly classified as Restricted, Sensitive or Public data should be treated as Internal data.

Examples of Internal data elements include:

  • Unpublished Research Data, unless it contains sensitive or restricted data
  • Student Records without PII (Personally Identifiable Information)
  • Admission Applications
  • Faculty / Staff employment applications
  • Faculty / Staff personnel files
  • Salary
  • Date of Birth

Sensitive data elements managed in any Public Cloud solution should be reviewed by the Office of Cybersecurity

Data should be classified as Sensitive when the unauthorized disclosure, alteration, loss or destruction of that data could cause a moderate level of risk to the University, affiliates or research projects. Data should be classified as Sensitive if the loss of confidentiality, integrity or availability of the data could have a serious adverse effect on university operations, assets or individuals.

Examples of Sensitive data elements include:

  • Unpublished Research Data, for which the loss would result in moderate risk to the University, affiliates or research projects.
  • Export Controlled information under US Laws

Restricted data elements are not allowed in any Public Cloud solution without review by the Office of Cybersecurity

Data should be classified as Restricted when the unauthorized disclosure, alteration, loss or destruction of that data could cause a significant level of risk to the University, affiliates or research projects.

Examples of Restricted data elements include:

  • Protected Health Information (PHI) – HIPAA
  • Data Protected by PCI Regulations
  • Data Protected by Select Agent (SA) Regulations - FISMA
  • Social Security Number (SSN)
  • UW-Madison Photo ID Number
  • Data Protected by FERPA
  • Financial Account Number or Any Data That Would Permit Access to an Individual’s Financial Account
  • Driver’s License Number or State Identification Number
  • Deoxyribonucleic Acid (DNA) Profile
  • Unique Biometric Data

If you are unsure how to classify your data, please contact cybersecurity@cio.wisc.edu.




Keywords:google gcp data elements classification restricted sensitive internal public security baa aws amazon Microsoft Azure   Doc ID:100124
Owner:Mike V.Group:Public Cloud
Created:2020-04-06 12:18 CSTUpdated:2020-09-03 14:26 CST
Sites:Public Cloud
Feedback:  0   0