Understanding Cloud Information Categories | Computing for Arts + Sciences

Understanding Cloud Information Categories

UNT CAS employees need to understand these three general information categories before deciding how to protect and/or share information via non-UNT provider systems:

Category Description Example Reason
I You must protect legally- or security-bound information from unauthorized disclosure or public release

Student Gender

FERPA (legal)

Patient or human test subject photograph HIPAA (legal)
Credit card numbers PCI (agreement)
UNT Student ID ("emplid") Texas Business and Commerce Code (legal)
II You may need to protect privileged (required approval to access, such as EIS or Cognos data), proprietary (to UNT, partners, or colleages), or moderately-proteted information from unauthorized disclosure or public release

Donor information

Approved access (privileged)

Pre-published journal articles Agreement via journal rules (proprietary)
Collaborative working papers Agreement of all authors
Collaborative research Agreement with colleagues
III You can publicly share information that has no or little protection requirements

Your resume

You created it

Public property pictures/videos (non-obstructing, non-intimate) You created it, general subject
Notes you make at a presentation (unless under agreement, like non-disclosure) You created the notes
Working papers You are the sole author

You may find "Category II" information the most challenging to manage since it requires the most deliberation.

After understanding the general categories, the place to apply that knowledge usually involves "cloud storage" systems.