/
Understanding Data Classification

Understanding Data Classification

  • NOTE: If you have any questions about the proper handling of data, please contact Information Security

  • Classification of Data Policy and Table

     Acceptable   Not Acceptable  Some exclusions (noted below)

    * Must be approved by Information Security or implemented by LTS in an approved configuration.

    ** ITAR and Export controlled information under U.S.laws are excluded. Although ITAR and Export controlled information under U.S. laws are classified as Type II data, it cannot be stored on systems outside the US.  In addition to storage restrictions on this type of data, there are also restrictions on sharing such data with foreign nationals of restricted countries. It is up to the data owner to determine whether any export-controlled data may be shared with someone or transported to a particular country. Guidance can be found at the US Department of Commerce Control List site at: http://www.bis.doc.gov/index.php/regulations/commerce-control-list-ccl

    1 Protected Health Information (PHI)

    2 Zoom can be used for PHI or Class 1 data but you MUST have your account converted to a HIPAA compatible account and you will lose some Zoom functionality (i.e. Cloud recording, breakout rooms, etc)

    3 Dropbox for Business can be used for PHI or Class 1 data but you MUST have a team drive set up by LTS and the Class 1 data put into the C1 folder.  Do not share any files externally.
    4 Class II data can be shared internally to other @lehigh.edu email addresses. FERPA does not allow us to share student data to external email addresses.
    5 REDCap - Needs to be appropriately configured for Class I or Class I PHI data
    6 Docusign must be set up by LTS to support Class I or Class I PHI data
    7 DataCamp is a learning tool and classes can be set up inside of DataCamp which requires sharing enrollment information. DataCamp is not designed to process Class II information in a production environment. Please consult with LTS if you have use cases outside of the learning environment.

    8 Zoom - HIPAA version which is used by a limited number of Lehigh faculty and staff does not support some Zoom features like AI and cloud-based recording.

For immediate help, contact the LTS Help Desk (Hours)
EWFM Library | Call: 610-758-4357 (8-HELP) | Text: 610-616-5910 | Chat | helpdesk@lehigh.edu
Submit a help request (login required)