This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
wiki:policies:data [2021/11/15 21:29] katcow |
wiki:policies:data [2024/01/24 21:27] katcow |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Data Classification Policy ====== | ||
+ | ===== I. Purpose ===== | ||
- | - | + | The purpose of this policy is to categorize, describe, and determine the level of protection required for various types of Nested Knowledge data. |
- | ===== Purpose | + | |
- | - | + | ===== II. Scope ===== |
- | ===== Scope ===== <font 12pt/ | + | |
+ | Nested Knowledge Data: Company data is information generated by or for, owned by, or otherwise in Nested Knowledge’s possession. Company data includes, but is not limited to, research data, business data, and computer programs. | ||
===== III. Data Classification Policy ===== | ===== III. Data Classification Policy ===== | ||
- | Company data refers to information generated by or for, owned by, or otherwise in Nested Knowledge’s possession. Company data includes, but is not limited to, research data and business data. | + | === Public Data: === |
- | Data generated by independent third parties on Nested Knowledge’s review platform is not under our | + | Data classified as public may be disclosed to anyone, regardless of their affiliation with Nested Knowledge. |
- | ==== Public | + | === Internal |
- | Data classified as public | + | Internal data is information that is potentially sensitive and is not intended to be shared with the public. Internal data generally should not be disclosed |
- | Internal | + | === Confidential |
- | === Confidential | + | Confidential |
- | Confidential data is information | + | Users are prohibited from sharing confidential |
+ | |||
+ | * sending | ||
+ | * sending by phone messaging, WhatsApp, or similar technologies, | ||
+ | * posting on social media, such as Twitter | ||
+ | * uploading | ||
+ | |||
+ | Confidential | ||
=== Loss of Confidentiality === | === Loss of Confidentiality === | ||
Line 29: | Line 38: | ||
=== Restricted Use === | === Restricted Use === | ||
- | Restricted Use data includes any information that Nested Knowledge has a contractual, | + | Restricted Use data includes any information that Nested Knowledge has a contractual, |
+ | |||
+ | * Personally identifiable health information that is not subject to HIPAA but used in research, such as Human Subjects Data. | ||
+ | * Personally Identifiable Information (PII), including an individual’s name plus the individual’s Social Security Number, driver’s license number, or a financial account number. | ||
+ | * Unencrypted data used to authenticate or authorize individuals to use electronic resources, such as passwords, keys, and other electronic tokens. | ||
+ | * “Criminal Background Data” that might be collected as part of an application form or a background check. More stringent requirements exist for some types of Restricted Use data | ||
+ | |||
+ | ==== High-Risk Personal Data ==== | ||
+ | |||
+ | Potential high-risk data types we may encounter include the following: | ||
+ | |||
+ | * Information on employee health and/or disability status. | ||
+ | * Information on employee ethnicity, race, religion, sexuality, or political beliefs. | ||
+ | * User location data and online behavior | ||
+ | |||
+ | High-risk personal data fall under the same guidelines as restricted use data. | ||
+ | |||
+ | === Other Regulations === | ||
+ | |||
+ | Some data may be subject to specific protection requirements under a contract or grant, or according to a law or regulation not described here. In those circumstances, | ||
+ | |||
+ | === Compliance === | ||
+ | |||
+ | Failure to comply with data protection may result in harm to individuals, | ||
+ | |||
+ | === Review and Update === | ||
+ | |||
+ | This data classification policy will be updated on an annual basis. The next update will be done in November 2022. | ||
+ | |||
+ | ===== Revision History ===== | ||
+ | |||
+ | ^Author^Date of Revision/ | ||
+ | |K. Cowie|11/ | ||
+ | |K. Kallmes|11/ | ||
+ | |P. Olaniran|09/ | ||
+ | |K. Cowie|09/ | ||
+ | |||
+ | [[: | ||