This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
wiki:policies:data [2023/02/02 22:55] katcow |
wiki:policies:data [2024/01/24 21:30] katcow |
||
---|---|---|---|
Line 10: | Line 10: | ||
===== III. Data Classification Policy ===== | ===== III. Data Classification Policy ===== | ||
- | |||
- | Company data refers to information generated by or for, owned by, or otherwise in Nested Knowledge’s possession. Company data includes, but is not limited to, research data and business data. | ||
=== Public Data: === | === Public Data: === | ||
Line 25: | Line 23: | ||
Confidential data is information that, if made available to unauthorized parties, may adversely affect individuals, | Confidential data is information that, if made available to unauthorized parties, may adversely affect individuals, | ||
- | Users are prohibited from sharing confidential information through the following means: | + | Users are prohibited from sharing confidential information through the following means: |
* sending to un-authorized websites, | * sending to un-authorized websites, | ||
* sending by phone messaging, WhatsApp, or similar technologies, | * sending by phone messaging, WhatsApp, or similar technologies, | ||
* posting on social media, such as Twitter | * posting on social media, such as Twitter | ||
- | * uploading to removable media, such as USB devices. | + | * uploading to removable media, such as USB devices. |
+ | |||
+ | Confidential information should be stored in secure, encrypted environments. Employees are prohibited from storing confidential information on their personal device filesystems. | ||
=== Loss of Confidentiality === | === Loss of Confidentiality === | ||
Line 43: | Line 44: | ||
* Unencrypted data used to authenticate or authorize individuals to use electronic resources, such as passwords, keys, and other electronic tokens. | * Unencrypted data used to authenticate or authorize individuals to use electronic resources, such as passwords, keys, and other electronic tokens. | ||
* “Criminal Background Data” that might be collected as part of an application form or a background check. More stringent requirements exist for some types of Restricted Use data | * “Criminal Background Data” that might be collected as part of an application form or a background check. More stringent requirements exist for some types of Restricted Use data | ||
+ | |||
+ | __Nested Knowledge DOES NOT process any personal health information (PHI) or criminal background data. __ | ||
==== High-Risk Personal Data ==== | ==== High-Risk Personal Data ==== | ||
Line 64: | Line 67: | ||
=== Review and Update === | === Review and Update === | ||
- | This data classification policy will be updated on an annual basis. The next update will be done in November 2022. | + | This data classification policy will be updated |
===== Revision History ===== | ===== Revision History ===== | ||
^Author^Date of Revision/ | ^Author^Date of Revision/ | ||
- | |K. Cowie|11/18/2021|Draft completed| | + | |K. Cowie|01/24/2024|Updated| |
|K. Kallmes|11/ | |K. Kallmes|11/ | ||
|P. Olaniran|09/ | |P. Olaniran|09/ |