Data Classification Levels

Summary

The ITS Research Support team has created five levels of classification for data at Binghamton University. Description and examples for all five data levels can be seen below

Related Information: Recommended tools and resources for each data level

Data Levels

Level 1: Public Data (No Risk)

Publicly available data, no restrictions on access

Examples:

  • Public Domain Information
  • Directory Information

Level 2: Internal Data (Low Risk)

Unpublished data, that contains no sensitive information

Examples

  • Unpublished Intellectual Property
  • Maps and Building Layouts
  • Binghamton ID (BNumber)

Level 3: Sensitive Data (Moderate to High Risk)

Data with individually identifiable information which if disclosed could reasonably be expected to damage the subjects financial standing, economic prospects, personal relationships, insurability, or reputation.

Examples:

  • Student Financial Information
  • Student Information
  • Student Final Grades
  • Credit Card Numbers
  • Social Security Numbers
  • Personally Identifiable Genetic Information
  • Personally Identifiable Healthcare Information
  • Human Subjects Data
  • University Financial Information
  • GPS Location Data

Level 4: Restricted Data (Very High Risk)

High Risk Confidential Information (HRCI) and research information classified as Level 4 by an Institutional Review Board (IRB). Level 4 also includes other individually identifiable information which if disclosed would likely cause risk of serious social, psychological, reputational, financial, legal or other harm to an individual or group.

Examples:

  • Networked Medicare (CMS) Data
  • Networked NIST 800-171 Data
  • Networked NIST 800-53 Data
  • Highly Secure "Networked" Data
  • CUI Data
  • CMMC Certified

Level 5: Controlled / Non-Networked Data (Very High Risk)

Individually identifiable information which if disclosed would create risk of criminal liability, loss of insurability or employability, or severe social, psychological, reputational, financial or other harm to an individual or group. Level 5 includes research information classified as Level 5 by an Institutional Review Board (IRB).

Examples:

  • Highly Secure "Non-Network" Data
  • CMMC Certified
  • Non-Networked NIST 800-171 Data
  • Non-Networked NIST 800-53 Data

Related Information: Recommended tools and resources for each data level

Feedback

Encountered any website issues or have comments/questions? Please provide feedback at itsresearchsupport@binghamton.edu