UW Privacy Office

Data Classifications

Last updated on December 16, 2022

Overview

The UW Privacy Office oversees and manages the classification structure and process to support UW units in meeting their ethical and legal responsibilities. The data classification categories and process are intended to help units clarify and prioritize minimum privacy and information security protections throughout the data lifecycle, from creation or collection to propagation, disclosure, or destruction.

Data classifications

Confidential

University information that is protected by laws or regulations.

Special Categories of Personal Data

Categories of personal data that when alone or combined with other data could adversely impact the University or individuals. Special categories of personal data also may be confidential information in that they are protected by a law or regulation.

Special categories of personal data include but are not limited to data or information regarding:

  • Criminal offenses.
  • Citizenship and/or immigration status.
  • Race or ethnic origin.
  • Political opinions.
  • Religious or philosophical beliefs.
  • Trade union membership.
  • Genetic or biometric data used to identify a natural person.
  • Health.
  • Disability.
  • Protected veteran status.
  • Sex life.
  • Gender.
  • Gender identity.
  • Data on sex, or sexual orientation.
  • Universal identification numbers.
  • Youth under the age of eighteen.

Restricted

Restricted information is University information that is circulated on a need-to-know basis. Restricted Information needs careful management to safeguard its integrity and availability, as well as appropriate access, use, and disclosure. Restricted information is generally not published or released to the public unless specifically requested.

Public

University information that is published for public use or has been approved for public use by the appropriate University authority. Public information may not be exempt from public disclosure but does need careful management to safeguard its integrity and availability.