Everyone at Princeton plays a role in protecting our information. Whether you are the owner/steward of the information and need to classify it, or an information user seeking guidance on how to handle it, the resources in this section will help you get started.

Classification Guide

The first step in protecting our information is to classify it in accordance with Princeton's Information Security Policy. The chart below will assist you in making the proper classification. Throughout this site, you will find additional requirements to help you handle your information safely.

Protection Classifications

 

CLASSIFICATION EXAMPLES INCLUDE:
Restricted
  • Social security numbers
  • Bank account numbers
  • Driver’s license numbers
  • State identity card numbers
  • Credit card numbers
  • Protected health information (as defined by HIPAA)
Confidential
  • All non-Restricted information contained in personnel files
  • Donor records
Unrestricted within Princeton
  • Course descriptions in the Employee Learning Center
  • Web-based resources designed for University use
Public
  • Public-facing campus directories
  • Course offerings
  • Press releases
  • Departmental websites

What Counts as University Information?

University information covers a broad range, and may be: verbal, digital, and/or hard copy; individually controlled or shared; stand-alone or networked; and used for administration, research, teaching, or other purposes.

Additional Restrictions

  • Specific Restrictions: In addition to those outlined above, additional restrictions may apply.
  • Combined Information: The classification level of combined information must be re-evaluated independently.

Classifying Information: Your Responsibilities

1 Understand the classifications.
2 Classify appropriately.

We encourage you to review the complete Information Security Policy and learn more about your responsibilities.

Have Questions? The Help Desk is your first point of contact for all questions related to information security.