UC Merced Data Classification and Usage Guide

Type of Data: Examples Box CatDrive
Public:
Information that is widely available to the public through the web, publications, pamphlets, and other distribution methods
Brochures, news releases, pamphlets, web sites, marketing materials Yes Yes
Internal:
Routine operational information requiring no special measures to protect from unauthorized access, modifications, or disclosure, but not widely available to the public.
Routine correspondence, employee newsletters, internal phone directories, inter-office memoranda, internal policies & procedures Yes Yes
Protected:
Data that would not necessarily be deemed to be public record even though release may not be prohibited by federal or state law, but the data owner has determined security measures are needed to protect from unauthorized access, modifications, or disclosure
Contract research protocols, records, department financial data, records wherein the public interest served by not disclosing the record clearly outweighs the public interest served by disclosure of the record, system configurations, system logs, risk reports Yes Requires Consultation with IT Security*
Confidential:
Information requiring the highest levels of protection because the data is protected by law and disclosure of such data will result in significant adverse impact to the institution and affected individuals (financial loss, sanctions, penalties, etc.).
Protected Health Information (PHI), Student Identifiable Information (SII), Personally Identifiable Information (PII), personnel information, Social Security Numbers Requires Consultation with IT Security* NO

*Storing Protected or Confidential Data requires consultation with IT Security to discuss proper use of the permissions options for sharing. Further details about data classification, handling and security can be found in the appropriate UCOP and UC Merced Policies:

  • UCOP IS-2 – Inventory, Classification and Release
  • UCOP IS-3 – Electronic Information Security

Working with Copyrighted information
When reproducing or distributing (including saving, accessing, or downloading) material that has been written, recorded, or designed by someone else, it is the responsibility of users to abide by copyright law. Permission from copyright holders is required when using a work in a way that infringes on the exclusive intellectual property rights granted to a copyright holder, i.e., reproducing part or all of a copyrighted work outside the boundaries of acceptable fair use.

For more information about copyrighted information, visit University of California statement on Copyright