Data Classification Quick Reference

Overview 

The University of Oregon classifies its data based on risk to the institution.  The levels of data classification are Low Risk data or Green Data, Moderate Risk Data or Amber Data, and High Risk Data or Red Data.  The table below gives examples of each of the data types.  Each element in the table is linked back to the Data Security Classification Table where examples, data stewards, and other information may be found.

Information

Low Risk (Green)

Data is classified as Low Risk ("green") if the loss of confidentiality, integrity, or availability of the data would have minimal strategic, compliance, operational, financial, or reputational risk to the university.

Data Types:

Moderate Risk (Amber)

Data is classified as Moderate Risk ("amber") if the loss of confidentiality, integrity, or availability of the data would have moderate strategic, compliance, operational, financial, or reputational risk to the university.

Data Types:

High Risk (Red)

Data is classified as High Risk ("red" - the most sensitive/critical classification) if the loss of confidentiality, integrity, or availability of the data would have high strategic, compliance, operational, financial, or reputational risk to the university.  

Data Types:

A downloadable PDF copy of this table can be found on the Information Security Office's website.

Additional Resources

Print Article

Related Articles (2)

Data Handling Quick Reference
This article is a quick reference for how to handle, transmit and dispose of sensitive data.
Storage Sanitization Before Reuse, Recycle or Disposal Procedure
This article covers UO standards on media sanitation.