Purdue Fort Wayne- Restricted Data Examples

Overview

 All the information regarding restricted data.

Instructions

• Data Classification & Handling
• Cloud Computing Consumer Guidelines - (Purdue Central IT)
• Handling Electronically Stored Information - (Purdue Central IT)
• Data Storage at Purdue Central IT
• Acceptable Cloud Service Use- (Purdue Central IT)

This information comes from PUWL’s Data Classification and Handling Certification training materials.  The following are examples of Restricted data which cannot be stored in OneDrive, O365 Groups, or SharePoint:

1. Garnishments; credit card numbers; bank account numbers; grant proposals; employee counseling and discipline; I9 documentation.
2. Student academic record information, non-directory information, SSN, date of birth, grades, GPA, transcripts, academic standing.
3. Self-Identification Information such as ethnicity; race; disability status; veteran status.
4. Protected Health Information (HIPAA - PHI).
5. Credit card information (PCI).
6. Controlled research data that is government-restricted or export-controlled (ITAR, EAR).
7. Proprietary/confidential industry or third-party data.

Units should only be gathering and storing Restricted data if they are authorized to do so.  Records should be retained as required by laws or regulations and then should be destroyed.  If you do not need to gather or store this data, don't!

Still need help?  Click the 'Purdue IT Request' button to start a ticket.