Nested Knowledge

Bringing Systematic Review to Life

User Tools

Site Tools

Trace:
wiki:policies:data

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Last revision Both sides next revision
wiki:policies:data [2022/01/25 17:01]
katcow 		wiki:policies:data [2024/01/24 21:27]
katcow
Line 10: Line 10:
  
 ===== III. Data Classification Policy ===== ===== III. Data Classification Policy =====
- 
-Company data refers to information generated by or for, owned by, or otherwise in Nested Knowledge’s possession. Company data includes, but is not limited to, research data and business data. 
  
 === Public Data: === === Public Data: ===
  
-Data classified as public may be disclosed to anyone, regardless of their affiliation with Nested Knowledge. Internal Data Internal data is information that is potentially sensitive and is not intended to be shared with the public. Internal data generally should not be disclosed outside of Nested Knowledge without the permission of the person or group that created the data.+Data classified as public may be disclosed to anyone, regardless of their affiliation with Nested Knowledge. 
 + 
 +=== Internal Data === 
 + 
 +Internal data is information that is potentially sensitive and is not intended to be shared with the public. Internal data generally should not be disclosed outside of Nested Knowledge without the permission of the person or group that created the data.
  
 === Confidential Data === === Confidential Data ===
  
 Confidential data is information that, if made available to unauthorized parties, may adversely affect individuals, partner organizations, or Nested Knowledge. This classification also includes data that Nested Knowledge is required to keep confidential, either by law (e.g., FERPA) or under a confidentiality agreement with a third party, such as a vendor. This information should be protected against unauthorized disclosure or modification. Confidential data should be used only when necessary for business purposes and should be protected both when it is in use and when it is being stored or transported. Confidential data is information that, if made available to unauthorized parties, may adversely affect individuals, partner organizations, or Nested Knowledge. This classification also includes data that Nested Knowledge is required to keep confidential, either by law (e.g., FERPA) or under a confidentiality agreement with a third party, such as a vendor. This information should be protected against unauthorized disclosure or modification. Confidential data should be used only when necessary for business purposes and should be protected both when it is in use and when it is being stored or transported.
 +
 +Users are prohibited from sharing confidential information through the following means:
 +
 +  * sending to un-authorized websites,
 +  * sending by phone messaging, WhatsApp, or similar technologies,
 +  * posting on social media, such as Twitter
 +  * uploading to removable media, such as USB devices.
 +
 +Confidential information should be stored in secure, encrypted environments. Users are discouraged from storing confidential information on their personal device filesystem.
  
 === Loss of Confidentiality === === Loss of Confidentiality ===
Line 42: Line 53:
   * User location data and online behavior   * User location data and online behavior
  
-High-risk personal data fall under the same guidelines as restricted use data. +High-risk personal data fall under the same guidelines as restricted use data.
  
 === Other Regulations === === Other Regulations ===
  
 Some data may be subject to specific protection requirements under a contract or grant, or according to a law or regulation not described here. In those circumstances, the most restrictive protection requirements should apply. If you have questions, please contact the Data Protection Officer, 507-271-7051. Some data may be subject to specific protection requirements under a contract or grant, or according to a law or regulation not described here. In those circumstances, the most restrictive protection requirements should apply. If you have questions, please contact the Data Protection Officer, 507-271-7051.
- 
  
 === Compliance === === Compliance ===
Line 62: Line 72:
 |K. Cowie|11/18/2021|Draft completed| |K. Cowie|11/18/2021|Draft completed|
 |K. Kallmes|11/19/2021|Draft approved| |K. Kallmes|11/19/2021|Draft approved|
 +|P. Olaniran|09/18/2022|Revisions completed|
 +|K. Cowie|09/18/2022|Revisions approved|
  
 [[:wiki:policies|Return to Policies]] [[:wiki:policies|Return to Policies]]
 +
 +
wiki/policies/data.txt · Last modified: 2024/01/24 21:30 by katcow

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki