Fisher College of Business logo

Data Security

The Ohio State University classifies its institutional data into three categories based on the level of sensitivity and risk associated with the exposure, misuse, or alteration of that data. The data classification determines which precautions must be taken when handling the information.

Public Data

Information that is intended for broad distribution or freely available to any person or organization. This information has no existing access restrictions.   

Example: Course Catalog

Limited Access Data

Data available without restriction but whose integrity must be maintained. 

Example: Date of Birth, Ethnicity

Restricted Data

Data protected or regulated by law or critical to university operations including sensitive personal information such as Social Security Numbers and personal health information.

Example: Bank Account Number, Student Academic Record

 

Restricted Data Elements

Restricted Data is data protected or regulated by law or critical to university operations. The following data elements have been identified as "Restricted Data" in advance of the formal data classification process due to the risk associated with unauthorized disclosure of these elements:

  • SSN and Other Personally Identifiable Information
  • Credit Card Information
  • Bank Account Information
  • Student Educational Records
  • Personal Health Information

 

Limiting exposure to Restricted Data

Fisher College of Business provides software and processes to help limit unintended exposure of restricted data:

Identity Finder

Identity Finder lets users find sensitive information on their computers by searching files, e-mails, and other system areas. Identity Finder can run on desktops, servers, databases, websites, and other remote machines. After identifying confidential data, Identity Finder presents these matches to users and lets them clean the data by securely shredding, redacting, encrypting, or using a number of other remediation features.

PGP Whole Disk Encryption

PGP software provides enterprises with comprehensive, nonstop disk encryption for Microsoft and Apple Mac OS X, enabling quick, cost-effective protection for data on desktops, laptops, and removable media. The encrypted data is continuously safeguarded from unauthorized access, providing strong security for intellectual property, customer and partner data, and corporate brand equity.