What’s New in Data Classification?

The real question is: What isn’t new in Data Classification? It’s been a busy couple of months.

In our last issue, we previewed the new, streamlined Data Classification page that combines the descriptions of the risk levels (Critical, High, Limited, and No Risk) with the Data Lifecycle Stages (Capture/Create, Store, Use, Share, Archive, and Dispose). The new site also introduced a Search feature, allowing users to find the risk level of an attribute by typing it into the search bar. Now that the new pages are up, we’ve connected them to the Data Cookbook, increasing the number of searchable items to over 1,600. If you’ve ever wondered about the risk levels for “Feed Date” or “Feed Size Bytes” (and I know I have), they are now at your fingertips using the Data Classification search tool.

In a recent meeting of the Data Classification Subgroup, a cross-functional team with members from the Office of the General Counsel, Office of Information Security, Audit and Advisory Services, and Data Administration, the risk level of NUID was raised from 2 Lock (Limited Risk) to 3 Lock (High Risk). What does this mean to you? Reports, emails, documents, and other media that contain NUIDs should be protected in the same manner as those containing student grades (encrypting data in transit, secure disposal, etc.). Our indefatigable Jacqueline Moore has scoured the Cookbook for specifications that contain NUID and has classified them as 3 Lock.

Lastly, next month, Jackie will begin a project with the Digital Archivist from Planning, Real Estate, and Facilities (PREF) to refine the classification of Building Plans. Currently, they are listed as 2 Lock—Limited Risk but, in a recent discussion, we found that some, like “As Built” architectural drawings should be available to the public and others, like utility plans, are more sensitive. Stay tuned for more updates on this topic.