Contact Us

Office of Information Technology 4400 Massachusetts Avenue NW Washington, DC 20016-8019 United States

Organizing Confidential Data

National Get Organized Month is an opportunity to reduce risk to the University by thinking about the type of data your office handles.

Begin by reviewing the University’s Data Classification Policy and considering some of the actions provided below.

Actions to consider when organizing data for your office

Begin by determining whether your office handles Confidential data.
Define "Confidential" for your office, using the Data Classification Policy as your guide.
Discuss where the Confidential data should be stored for your office.
Communicate the location to your colleagues, so everyone that needs to know is aware.
Document guidelines and process for how to handle Confidential data within your office.
Consider adding an annual review process to ensure that the guidance and process is still valid.
Classify your electronic documents, by adding the Confidential classification to the footer.
Consider adding three pieces of data to your footer: CONFIDENTIAL American University

Data Classification Policy

This policy governs the privacy, security, and integrity of university data, especially confidential data, and outlines the responsibilities of institutional units and individuals for such data.

Confidential data are considered the most sensitive and require the highest level of protection. Confidential data includes data that the university must keep private under federal, local, and state laws, contractual arrangements, or based on its proprietary worth. Confidential data may be disclosed to individuals on a strict need-to-know basis only.

Answer the following questions to determine whether the data is Confidential:

Would you want to see this data printed in the Washington Post with American University and your name next to it?
Are there any laws that say this data should be protected as confidential?