Before you begin any project that uses data, be sure you understand the data itself and how the university expects you to protect it. Ask yourself the following questions as a first step:
-
Who will have access to the data?
-
What type of data will you be working with? What responsibilities do I have when using this data?
-
When will use this data and for how long will you keep it or need access?
-
Where is the data kept? Will it need to be stored or accessed securely?
-
Why do you need that particular data set? Is there any other set that is less risky or sensitive you might use in its place?
-
How will you communicate with the subjects or owners of the data about its use or to get needed permission?
GET HELP WORKING WITH DATA
Be sure to take the data classification survey and review the data access checklist. If you need further assistance, email securitysupport@illinois.edu.
IS YOUR DATA AT RISK?
Data that is high risk or sensitive needs extra care. Once your data is classified, you will be able to better understand how that data can be used in the safest possible way. If your data is classified as high risk, sensitive, or internal, ask yourself the following questions to help lower the risk of data breach or loss:
-
Do I need to make a copy of restricted data?
- If you can view the restricted data without making a copy on your own computer or making a print copy, do that instead. Data classified as high risk cannot be stored on your computer unless special permissions are obtained.
-
Do I need to share restricted data with someone else?
- In addition to creating more copies, transmitting restricted data creates the risk that it will be intercepted. Data classified as sensitive cannot be emailed without encryption. Data classified as high risk cannot be emailed.
-
How long do I need to keep a copy of restricted data?
- Unless you need to use the same restricted data on a regular basis (once a week or more), destroy or securely archive any copies.