Interested in videos? Check out our MiVideo page! Training, tips and tricks, and more!

Technology Mgmt Team

Sensitive Data Classifications

There are 4 types of sensitivity levels for data at U-M

For More Information Please Visit:

U-M Sensitive Data Guide to IT Services

Examples of Sensitive Data (ITS)

Data Classification Levels (ITS)

What is PII? (Personally Identifiable Information)

Who to Contact for Support?

ITS/4-HELP

Report an IT Security Incident

Click Here to Report an Incident

Restricted

Disclosure could cause severe harm to individuals and/or the university, including exposure to criminal and civil liability.
Has the most stringent legal or regulatory requirements and requires the most prescriptive security controls.
Legal and/or compliance regime may require assessment or certification by an external, third party.

High

Disclosure could cause significant harm to individuals and/or the university, including exposure to criminal and civil liability.
Usually subject to legal and regulatory requirements due to data that are individually identifiable, highly sensitive, and/or confidential.

Moderate

Disclosure could cause limited harm to individuals and/or the university with some risk of civil liability.
May be subject to contractual agreements or regulatory compliance, or is individually identifiable, confidential, and/or proprietary.

Low

Encompasses public information and data for which disclosure poses little to no risk to individuals and/or the university.
Anyone regardless of institutional affiliation can access without limitation.

Page updated

Report abuse