Data Classification

Data Stewards are required by UW System Administrative Policy 1031 and UW-504 Policy (“Data Classification”) to classify institutional data and data systems based on risk and to review the classifications annually. UW-Madison classifies data as Public, Internal, Sensitive, or Restricted. UW-Madison also uses these classifications for provisioning access to data to individuals. Descriptions of UW-Madison’s four data classification categories are below.

Public

Data should be classified as Public prior to display on web-sites or once published without access restrictions; and when the unauthorized disclosure, alteration or destruction of that data would result in little or no risk to the University and its affiliates.

Internal

Data should be classified as Internal when the unauthorized disclosure, alteration, loss or destruction of that data could result in some risk to the University, affiliates, or research projects. By default, all Institutional Data that is not explicitly classified as Restricted, Sensitive or Public data should be treated as Internal data.

Sensitive

Data should be classified as Sensitive when the unauthorized disclosure, alteration, loss or destruction of that data could cause a moderate level of risk to the University, affiliates or research projects. Data should be classified as Sensitive if the loss of confidentiality, integrity or availability of the data could have a serious adverse effect on university operations, assets or individuals.

Restricted

Data should be classified as Restricted when the unauthorized disclosure, alteration, loss or destruction of that data could cause a significant level of risk to the University, affiliates or research projects. Data should be classified as Restricted if protection of the data is required by law or regulation or UW-Madison is required to self-report to the government and/or provide notice to the individual if the data is inappropriately accessed.

Data classifications for institutional data are listed in the table below:

Data Domain Data Steward Data Classification Major Data Systems
Academic Planning

Acadmic Planning: Michelle Young

Academic Planning Data Classification Lumen
Core Person Core Person Data Operational Governance Group Core Person Data Classification

SIS
HRS
Canvas
Salesforce CRM
Housing
Special Authorization
Wiscard
UW Health
Person Hub
WISPER/SFS
CAOS
InfoAccess
Badger Analytics

Facilities

Space Management and Real Estate: Jesse Winters

Space Data Classification INSITE

Transportation: Gabe Mendez

Transporation Data Classification T2 Flex
Enrollment Management

Admissions: David Leszczynski

Admissions Data Classification SIS (admissions)

Financial Aid: John Dreger

Financial Aid Data Classification SIS (financial aide)

Student record: Phil Hull

Student Record Data Classification

SIS
DARS
Canvas
OneBadger/Salesforce

Finance

Finance: Lea Erickson

Finance Data Classification SFS

Budget: Simi Ragha

Budget Data Classification PlanUW (PBCS)
Health Information*

See HIPAA Compliance program for protected health information generated by units within the UW–Madison Heath Care Component. 

Human Resources

Employee Record: Catharine DeRubeis

Employee Record Data Classification

HRS/EPM
JEMS/TREMS
PMDP

Information Technology

Cybersecurity: Jeff Savoy

Cybersecurity Data Classification Cybersecurity Tools
Library

Library: Steve Meyer

Library Data Classification

Alma
ILLiad
Minds@UW

Research Administration

Research Adminstration: Mike Geier

Research Administration Data Classification

WISPER/SFS
RAMP (2023)

Research Compliance

Research Compliance: Heather McFadden

Research Compliance Data Classification Arrow
Research Data*

See Office of the Vice Chancellor for Research and Graduate Education (OVCRGE) research policies

Teaching and Learning

Advising: Jeff Shokler

Advising Data Classification

Advising Gateway
Advisor Notes System (ANS)
Starfish

Assessment Data Classification

Heliocampus (AEFIS)
Honorlock

Career Services: Jeff Shokler

Career Services Data Classification

Handshake
Big Interview

Teaching and Learning: Dan Voeks

Teaching and Learning Data Classification

Canvas
Unizin Data Platform
Heliocampus (AEFIS)
Kaitura
Engage
Honorlock
Zoom
Tophat
Turnitin
Piazza

*These data types are governed outside the institutional data governance program. Please consult the affiliated program responsible for this data.