Data Examples

General Data (Low Risk)

Data and systems are classified as Low Risk if they are not considered to be Moderate or High Risk, and:

  • Research data (at owner's discretion)
  • Rice UIDs
  • Information authorized to be available on or through the Rice Website without authentication
  • Policy and procedure manuals designated by the owner as public
  • Job postings
  • University contact information not designated by the individual as "private"
  • Information in the public domain
  • Publicly available campus maps
  • Data already available in the public domain but not available due to a data breach

Sensitive Data (Moderate Risk)

Data and systems are classified as Moderate Risk if they are not considered to be High Risk, and:

  • Unpublished research data (at data owner's discretion)
  • Student records and admission applications
  • Faculty/staff employment applications, personnel files, benefits, salary, birth date, personal contact information
  • Non-public Rice policies and policy manuals
  • Non-public contracts
  • Rice internal memos and email, non-public reports, budgets, plans, financial info
  • University and employee ID numbers
  • Project/task/award (PTA) numbers
  • Engineering, design, and operational information regarding Rice infrastructure
  • Rice data classified as sensitive under policy 808

Confidential and Regulated Data (High Risk)

Data and systems are classified as High Risk if:

  • Health Information, including Protected Health Information (PHI)
  • Health Insurance policy ID numbers
  • Social Security Numbers
  • Credit card numbers
  • Financial account numbers
  • Export controlled information under U.S. laws
  • Driver's license numbers
  • Passport and visa numbers
  • Donor contact information and non-public gift information
  • Rice data classified as confidential under policy 808