Data Classification

All District Data must be classified according to the Data Classification Schema below and protected according to applicable Data Security Standards. This policy applies to data in all formats or media.

Data and information assets are classified according to the risks associated with data being stored or processed. Data with the highest risk need the greatest level of protection to prevent compromise; data with lower risk require proportionately less protection. Three levels of data classification will be used to classify District Data based on how the data are used, its sensitivity to unauthorized disclosure, and requirements imposed by external agencies.

Data are typically stored in aggregate form in databases, tables, or files. In most data collections, highly sensitive data elements are not segregated from less sensitive data elements. For example, a student information system will contain a student's directory information as well as more sensitive information such as the student’s birth-date and home address. Consequently, the classification of the most sensitive element in a data collection will determine the data classification of the entire collection.

• Public - Data explicitly or implicitly approved for distribution to the public without restriction. It can be freely distributed without potential harm to the District, affiliates, or individuals. Public data generally have a very low sensitivity since by definition there is no such thing as unauthorized disclosure, but it still warrants protection since the integrity of the data can be important. Examples include:
  1. District’s public web site
  2. Directory information for students, faculty, and staff except for those who have requested non-disclosure (e.g., per the Family Educational Rights and Privacy Act (FERPA) for students)
  3. Course descriptions
  4. Press releases
  5. Board of Education Meeting Agendas/Public Session Minutes
  6. Employee Salaries

• Sensitive - Data intended for internal District business use only with access restricted to a specific workgroup, department, group of individuals, or affiliates with a legitimate need. Internal data are generally not made available to parties outside the District but may be subject to FOIA/OPRA Requests. Unauthorized disclosure could adversely impact the District, affiliates, or individuals. Internal data generally have a low to moderate sensitivity. Examples include:
  1. Employee ID numbers
  2. Student ID numbers
  3. Student educational records
  4. Directory information for students, faculty, and staff who have requested non-disclosure (e.g., per FERPA for students.)
  5. Information technology transaction logs

• Confidential - Highly sensitive data intended for limited, specific use by a workgroup, department, or group of individuals with a legitimate need-to-know. Explicit authorization by the Data Steward is required for access because of legal, contractual, privacy, or other constraints. Unauthorized disclosure could have a serious adverse impact on the District or affiliates, the personal privacy of individuals, or on compliance with federal or state laws and regulations. Confidential data have a very high level of sensitivity. Examples include:
  1. Social Security Number
  2. Personal identity information (PII).
     1. The Family Educational Rights and Privacy Act (FERPA) (see 20 U.S.C. § 1232g and 34 CFR Part 99) protects personally identifiable information (PII) from students’ education records from unauthorized disclosure. FERPA defines education records as “records that are: (1) directly related to a student; and (2) maintained by an educational agency or institution or by a party acting for the agency or institution” (see 34 CFR § 99.3 definition of “education record”). FERPA also defines the term PII, which includes direct identifiers (such as a student’s or other family member’s name) and indirect identifiers (such as a student’s date of birth, place of birth, or mother’s maiden name) (see 34 CFR § 99.3 definition of “personally identifiable information”).
     2. N.J.S.A. 18A:36-35 defines “personally identifiable information” as student names, student photos, student addresses, student e-mail addresses, student phone numbers, and locations and times of class trips.
  3. Personnel records
  4. Security Information (i.e., School Security Plans, camera locations, recordings, Drill schedules, etc.)
  5. Authentication tokens (e.g., personal digital certificates, passwords, pin numbers, biometric data)

For a more comprehensive list of examples, please refer to Appendix II.