Back to Main Menu

Data Security

Data Security (From the Office of Information Technology)

In general, data that is considered of low and intermediate sensitivity can be secured by investigators with minimal training. Plans to acquire data that is considered of high or very high sensitivity must be developed in collaboration with the college IT Director or designee.

2/27/2025

Examples of data with different levels of sensitivity and appropriate security controls

LevelSensitivity of DataExamplesSecurity Controls
0Low - PublicDe-identified or anonymized dataPassword-protected documents and files. Locked file cabinets and offices
1Intermediate - ProtectedIdentifiable data (surveys, field notes), which, if disclosed, would NOT put subjects at great risk.Encrypted files and flash drives
2High - RestrictedExtremely sensitive data such as medical records with identifiers (HIPAA regulated) and student records with identifiers (FERPA regulated)Same as Level 1 but verified by college IT Director or designee; encrypted laptops or workstations. Please contact your local IT for assistance or  submit a ticket here.
3Very High - Highly RestrictedResearch records with identifiers of self-disclosed criminal activity or mental health issues.Same as Level 2 with additional precautions as determined by college IT Director or designee. Please contact your local IT for assistance or submit a ticket here. Also consider a Certificate of Confidentiality, if appropriate.

 

College IT directors (Key technical resources)

How to encrypt flash/thumb drives

Use the link below to find more information about protecting data on flash/thumb drives.

Removable media and USB flash drives

IT Knowledge Base Information

Use the link below to visit the OIT Knowledge Base for more information about data security.

Visit OIT knowledge base