Data Classification and Handling

Information Technology

Northern Arizona University owns or controls, and acts as custodian for, a broad array of information, including highly sensitive information protected by law. Because the unauthorized release of sensitive information can inflict substantial harm, maintaining the integrity of this data and the information systems where it is stored is, therefore, a fundamental obligation. This policy establishes a data classification structure and data handling protocols in support of this crucial task. All members and units of the University community that interact with sensitive data must comply with the requirements of this policy.

Policy Code: TBD
Responsible Executive: Chief Information Officer
Responsible Office: Information Security Services
Effective Date: February 13, 2018
Last Revised: July 15, 2019
Contact: Director, Information Security

View the Policy

View the Protocols

Keywords:

Data classification
Data handling
Data security
External Data Use Agreements

All NAU community members are required to immediately report any IT security issue, such a suspected or actual release of University data or a breach of University IT resources, devices, or systems. Dial 928-523-1511 to make a report.

If you have questions regarding data classification or handling in accordance with this policy, contact Information Security Services at its-soc@nau.edu.

Information Security Program

Use the feedback form to provide input about this policy.