Classify data
- Michael Laurentius
Purpose
Classifying your data helps you determine how your data should be accessed, handled, stored, and shared, as well as the risk associated with the data. This step allows you to determine which computational and storage solutions are best suited to your task, project, or backups.
Audience
faculty researchers Admin staff IT staff
On this page
Initial considerations
Applicable legislation, regulations, policies, data sharing or material transfer agreements, etc.
Is your data or your obligation to protect it covered by other binding documents or contracts?
Privacy legislation (FIPPA, PHIPA, GPDR, etc.)
Contact the FIPP office regarding how your data should be classified.
Ethics protocols
Contact the relevant oversight and compliance unit regarding your how your data should be protected.
Agreements (Data sharing [DSA], material sharing [MTA], etc.)
Contact the relevant contract and agreements office regarding sponsor or data providing requirements.
What can I do?
Consult the University’s Data Classification Standard.
https://security.utoronto.ca/framework/standards/data-classification/
This standard helps to classify data according to four levels which take into account the data’s importance, sensitivity and potential for misuse. Data classification is a foundational step in determining how data should be protected.
Level 4
Highly sensitive, non-public data.
Level 3
Confidential, non-public data.
Level 2
Non-confidential, non-public (internal) data.
Level 1
General access, public data.
Search
Additional help
General
https://data.utoronto.ca/data-governance-program/
https://governingcouncil.utoronto.ca/fipp
Contact us | Information Security (IS)
Researchers
https://security.utoronto.ca/services/research-information-security-program/
Related articles
Â
Â
Â