UNT CAS employees need to understand these three general information categories before deciding how to protect and/or share information via non-UNT provider systems:
| Category | Description | Example | Reason |
|---|---|---|---|
| I | You must protect legally- or security-bound information from unauthorized disclosure or public release |
Student Gender |
FERPA (legal) |
| Patient or human test subject photograph | HIPAA (legal) | ||
| Credit card numbers | PCI (agreement) | ||
| UNT Student ID ("emplid") | Texas Business and Commerce Code (legal) | ||
| II | You may need to protect privileged (required approval to access, such as EIS or Cognos data), proprietary (to UNT, partners, or colleages), or moderately-proteted information from unauthorized disclosure or public release |
Donor information |
Approved access (privileged) |
| Pre-published journal articles | Agreement via journal rules (proprietary) | ||
| Collaborative working papers | Agreement of all authors | ||
| Collaborative research | Agreement with colleagues | ||
| III | You can publicly share information that has no or little protection requirements |
Your resume |
You created it |
| Public property pictures/videos (non-obstructing, non-intimate) | You created it, general subject | ||
| Notes you make at a presentation (unless under agreement, like non-disclosure) | You created the notes | ||
| Working papers | You are the sole author |
You may find "Category II" information the most challenging to manage since it requires the most deliberation.
After understanding the general categories, the place to apply that knowledge usually involves "cloud storage" systems.