It’s a new year so why not take advantage of the opportunity to get organized, especially since January is National Get Organized Month. It is the professional organizing industry’s national event dedicated to raising awareness of the benefits of getting organized. The Office of Information Technology sees National Get Organized Month as an opportunity for faculty and staff to reduce risk to American University by thinking about the type of data your office handles and developing a plan for managing it.
Let’s start by reviewing the University’s Data Classification Policy. This policy governs the privacy, security, and integrity of university data, especially confidential data, and the responsibilities of institutional units and individuals for such data. There are three levels of classification:
Confidential Data: Confidential data are considered the most sensitive and require the highest level of protection. Confidential data includes data that the university must keep private under federal, local, and state laws, contractual arrangements, or based on its proprietary worth. Confidential data may be disclosed to individuals on a strict need-to-know basis only.
Official Use Only Data: Official Use Only data is generally private to the university. Access is limited to AU community members on a need-to-know basis, and it is not generally available to parties external to American University.
Unrestricted Data: Unrestricted Data has no legal or other restrictions on access or usage and may be open to the university community and the general public.
Now let’s look at some actions to consider for organizing your office’s confidential data. You could begin by scheduling an office meeting to determine whether your office handles confidential data. At the meeting, or in a communication, define “confidential” for your office using the Data Classification Policy as your guide. Discuss where your office should store confidential data, and communicate that location to your coworkers so everyone that needs to know is aware. Consider the following:
- Document guidelines and process for your office about how to handle confidential data.
- Consider adding an annual review process to ensure that the guidance and process is still valid. We live in a world of guaranteed change.
- Classify your electronic documents by adding the confidential classification to the footer.
These are just some of the steps you can take to get organized. For more information, click here.
For questions about this endeavor, please contact the IT Help Desk at 885-2550, firstname.lastname@example.org, or instant message AskAmericanUHelp.