mauve Leafy background with building outlines

Data Classification

As part of National Cybersecurity Awareness Month, UC Davis Information and Educational Technology (IET) is highlighting four important topics related to cybersecurity each week of October 2023. Week two is data classification. Click the links and articles below to learn about the four data protection levels and click here to watch a short video about data classification at UC Davis or watch it below. 

 

Data protection key on a keyboard
You may not know you have sensitive data... and that could be a big problem.

Practicing good cybersecurity is essential to protecting the UC’s mission to provide world-class teaching, research, and public service. There are many ways we do this here at UC Davis, but one big piece of the cybersecurity puzzle is data classification. After all, you can’t protect what you don’t know you have!

University data is classified into one of four categories, known as Protection Levels. Each level has different impacts of disclosure. P4 is the highest and includes the most sensitive data, such as financial records and social security numbers. Click the button below to see examples of the other three data protection levels and learn what could happen if this data falls into the wrong hands.

 Learn about data protection levels

shields library exterior path with people walking

UC Davis IET has instituted a data classification process to protect user confidentiality and maintain the integrity of all data created. The guide includes examples of Protection Levels of data, plus requirements for notification and responsibilities. 

UC Davis IET Data Classification Process

Data servers

The University of California Office of the President's Systemwide Information Security provides a helpful illustration on the four data classification levels, the impact of disclosure, and how the loss of availability to data at each level would impact operations.

Classification of Information and IT Resources

Information Security

The following controls and practices are UC’s systemwide baseline designed to protect the privacy of our students, faculty, staff, patients, research participants, and other stakeholders whose information we receive, create, and maintain.

UC System Device Security Controls