To support the proposed revision of the IT Security Policy, Information Assurance has published revised U-M Data Classification Levels on Safe Computing. The revised policy will be supported and supplemented by specific operational, procedural, and technical standards, many of which specify actions to take based on the classification level of the data involved. The new data classification levels replace ones that had been in place since 2008.
Two pages with examples of sensitive university data and how it is classified are also available:
- Examples of Sensitive Data by Classification Level. Lists common data types and their classification level.
- Examples of Sensitive Data by U-M Role. Lists roles at U-M and the sensitive data types most often associated with those roles.
These examples are not comprehensive. If you have questions about a particular data type and its classification, contact the ITS Service Center.