Data Security in UO Collaboration Tools

Overview

The table below is designed to be a quick reference to help users of the University of Oregon's information systems understand where data of different sensitivity levels can be stored.

UO's Information Asset Classification & Management Policy is available in the UO Policy Library.

Information Asset Classification & Management

Definitions of low risk (green), moderate risk (amber), and high risk (red) data are available in our data classification quick reference.

Special Notice: You must contact the Information Security Office BEFORE storing HIPAA data in any collaboration tool.

Tool Low Risk (Green) Moderate Risk (Amber) High Risk (Red) Approved For:
Personal Computer *

N/A
Personal Email (Gmail, Yahoo, etc) * N/A
Personal Cloud Services (G Suite - all tools, Amazon Web Services, etc.)  * N/A
Personal Dropbox * N/A
UO Managed Computer FERPA
UOmail*** ** FERPA
UO Dropbox ** FERPA
UO OneDrive ** FERPA, HIPAA
Qualtrics ** FERPA
UO Azure (Webservers, CDN, etc.) ** FERPA, HIPAA
UO Microsoft Teams ** FERPA, HIPAA
UO SharePoint **  FERPA, HIPAA
UO Network File Share ** FERPA, HIPAA
USB/CD/External Media **
Canvas FERPA
UO Adobe Creative Cloud FERPA
UO Confluence and Jira ** FERPA
UO Zoom ** FERPA, HIPAA

Legend

 = Approved data storage location for this classification of data

 = This location is unsuitable for this classification of data 

* = If you must use your personal devices for university business, follow these guidelines

** = You must contact the Information Security Office BEFORE storing data in this location for the first time.

*** = Includes Email, Calendar, Contacts, Tasks

A downloadable PDF of this table can be found here, along with more resources and downloads.

 

Details

Article ID: 113454
Created
Mon 8/10/20 9:54 AM
Modified
Mon 12/14/20 4:25 PM