Data Classification

In order to make sure you handle, process, store and access data correctly you will need to classify the data in question.

The below table will give guidance in classifying your data. For more information on data storage options please see our Data Storage Overview.

Quick Reference Grid for Data Classification

Full Data Classification, approved by Board, is in the Cloud Computing Policy

Data Classification Description of Data Working Examples
of Data
Storing, Accessing & Sharing this Data
Non-Confidential Public Such data is available for anyone to see.
It is often made available to the public via the Trinity web site.
  • Course names

  • Module names

  • Prospectus

  • Brochures

  • Department contact details

  • Staff names and internal phone extensions

Data should be subjected to internal review before issuing.

Access to this data is not usually restricted, i.e. a username and password are not required to access this data.

Storage: any Trinity operated service as this information is deemed publicly accessible.

University Internal Such data is generally available to all staff and students Trinity.
  • General meeting minutes.

  • Day to day activities and communications

  • Project related memos, information circulated to staff which is not intended as public material.

  • Academic statistics

Access is usually restricted to members of Trinity.

Username and password are required to access this data.
This data should be stored in a service that has access control to internal users and requires a password for individual access.

Storage: OneDrive, NAS, Trinity Computers and mobile devices

Confidential Restricted

This is data that is usually not made available to all staff, and which could result in legal action, reputational damage or financial loss.

  • Personal data.*
  • Confidential business data and information**
  • Documents subject to Data Protection Legislation.

  • Confidential memos.

  • Confidential information related to Research or Funding.

  • Management decisions

  • Detailed budgets or financial reports

  • Interview Packs

  • Routine financial transactions

Access to this data is restricted to the people that are entitled to use it. But generally this will be a large number of staff and the data is not as confidential or sensitive as the critical data described below.

Username and password are required to access this data.
This data should be stored in a service that has access control specified to certain users or groups (i.e. department, school list) and requires a password for individual access.

Storage:OneDrive, NAS, Trinity Computers and mobile devices

Critical

Inappropriate use of this information could result in legal action, financial loss and severe reputational damage to Trinity.

  • Sensitive personal data***

  • Sensitive business data and information
  • Information relating to the mental and physical health of individuals.

  • Data subject to a confidentiality clause.

  • Medical Research.

  • Financial data such as bank account numbers.

  • Biometric identification data.

  • Disciplinary details

  • Exam papers

Access to such data is tightly controlled, with only a few individual users being entitled to see or use the data.

Critical data is generally stored in purpose built applications, often in an encrypted format, even within internal secure systems.

Storage: Research Databases, Admin Databases under specific design eg: SITS, CORE

* Personal Data: Data relating to a living individual who is or can be identified from the data, including Name, Address, ID Number, CCTV Footage, Student Records, Personnel Records.

** Confidential Business Data: Commercially Sensitive data for which we have an institutional obligation to protect, including high value data that comprises intellectual property for research projects, commercial / employment contracts, confidential meeting minutes.

*** Sensitive Personal Data: Physical or mental health, Racial origin, Political opinions, Religious or other beliefs, Sexual life, Criminal convictions, Payroll records, Bank account details, Biometric data, Trade Union membership.

 

Related pages