Data Classification Guideline

The Berkeley Data Classification Standard is a framework for assessing data sensitivity, measured by the adverse business impact a breach of the data would have upon the campus. Based on the data protection levels defined in the Data Classification Standard, the Minimum Security Standard for Electronic Information (MSSEI) identifies the security protections required to safeguard the data.

The information below is provided as guidance on interpreting the Data Classification Standard.

Applicant Information

Applicant student, faculty and staff information should generally be classified the same as equivalent student, faculty and staff information.

Credentials

  • The CalNet credential database (Kerberos as well as Active Directory) is classified as level 3 because it contains the whole authoritative universe of CalNet credentials.  
  • Other applications that proxy CalNet authentication would be considered level 2 (at least).
  • A CalNet "friendly" ID is the same as a user's email account (minus "@berkeley.edu") -- or will be following completion of the bConnected rollout.  CalNet ID is therefore, level 0.
  • While it is ideal that credentials be treated with at least the sensitivity as the data it protects, CalNet passphrases are used across so many systems that it is difficult to predict for a random user what level of risk they present, and therefore, there is no campuswide data classification for CalNet passphrases. Because CalNet credentials are used for email, it would be ineffective to require protection level 2 controls for all devices on which CalNet credentials are used.  Advice for individual users should take into account the data accessed with the CalNet credentials.

FERPA "No Release" Requests

The Family Educational Rights and Privacy Act (FERPA) allows students to request that the school not disclose directory information about them.  Each campus unit that collects and maintains student records is required to make available written procedures indicating the manner in which students may request that information about them not be released as public information. Units using data originally collected by another office should use the FERPA release information obtained by the originating office. In the absence of release information, the unit should assume that the student has requested "no release."

Notice Triggering Data Components

Individual components of notice-triggering information (other than name) merit level 2 data designation, regardless of the actual data breach notification requirement.  That is, breach notification law requires notification if social security number (SSN) AND first name or initial and last name are breached, however, use of SSNs (even if name is not included) merits data protection level 2.  

Partial SSNs and Partial Student IDs

Standard practice on campus is to treat partial SSNs the same as full SSNs, even though the former is not notice triggering.  (Research indicates that last 4 digits of an SSN plus place of birth very accurately indicates the full SSN.)

Similarly, partial Student IDs should be treated like full Student IDs.