Under the IS-3 Electronic Information Security policy, university data is classified in one of four categories, known as Protection Levels. For the complete classification guide on Protection Levels, including explanations of the classifications and additional examples, see the Classification of Information and IT Resources Guide.
- Protection Level
- Impact of Disclosure
P4 - High
- Institutional Information and related IT Resources whose unauthorized disclosure or modification could result in significant fines, penalties, regulatory action, or civil or criminal violations (Statutory)
P3 - Moderate
- Institutional Information and related IT Resources whose unauthorized disclosure or modification could result in small to moderate fines, penalties or civil actions (Proprietary).
P2 - Low
- Institutional Information and related IT Resources that may not be specifically protected by statute, regulations or other contractual obligations or mandates, but are generally not intended for public use or access (Internal).
- Business records and documentation not containing P3 or P4 data
- email, calendar, meeting notes
- Research using publicly available data
- UC directory info (where no FERPA block is requested)
- Building Plans
P1 - Minimal
- Public information or information intended to be readily obtainable by the public, but whose integrity is important and for which unauthorized modification is the primary protection concern (Public).
- Hours of operation
- Parking regulations
- Course catalogs
- Press releases
- Public websites