Access to and Responsible Use of Data Policy governs where and how DePaul data should be managed. For an overview of some examples of data and where they should be stored, see the sample list below. Additional guidance for any data not covered here can be found in the policy.
*Cloud Storage Service Providers such as Dropbox, Personal Microsoft OneDrive, Personal Google Drive, Apple iCloud, AWS, Personal Box Account, Carbonite, etc.
|
Description
|
Data Type** |
Microsoft OneDrive and Google Drive |
U/W |
Cloud Services* |
|
Credit/Debit Card Number |
Highly Sensitive Data |
No |
No
|
No
|
|
Other bank or financial account numbers |
Highly Sensitive Data |
No
|
No |
No
|
|
Driver’s license numbers and other government identification card numbers |
Highly Sensitive Data |
No
|
Yes |
No
|
|
Passwords, pins, and similar data that permit access to financial accounts or other personal data |
Highly Sensitive Data |
No
|
No |
No
|
|
Social Security Number |
Highly Sensitive Data |
No
|
Yes |
No
|
|
Class Information |
Internal Non-Restricted Data |
Yes
|
Yes |
No
|
|
Employee names, telephone numbers and email addresses |
Internal Non-Restricted Data |
Yes
|
Yes |
No
|
|
Employee job titles and dates of employment |
Internal Non-Restricted Data |
Yes
|
Yes |
No
|
|
FERPA covered data |
Internal Restricted Data |
Yes
|
Yes |
No
|
|
Student Financial Aid Data |
Internal Restricted Data |
No
|
Yes |
No
|
|
HIPAA covered data |
Internal Restricted Data |
No
|
Yes |
No
|
|
Employees pay rates or other confidential payroll data |
Internal Restricted Data |
Yes |
Yes |
No
|
|
Research data that does not contain subject identifiable data |
Internal Restricted Data |
Yes |
Yes |
No
|
|
Data posted on university bulletins and data on unrestricted university web sites |
Public |
Yes |
Yes |
Yes |