Security Requirements for Handling Information
"Handling" information is when you view, use, update, delete, or destroy data. It also relates to when you transfer the data from one location to another. Data can be in paper or electronic form. Based upon how data is classified (Public, Sensitive or Restricted) and its form, that data may have certain precautions which need to be taken when handled. All users of Purdue data, in any form and for any purpose, are called Data Custodians.
These handling requirements are directed to the storage and use of Purdue data on Purdue-owned resources and represent the minimum requirements for handling of data in any format at Purdue University. Individual areas may establish more stringent data handling procedures. Purdue Data Custodians are urged to contact the Data Stewards for guidance in cases that present handling questions or security concerns.
These data handling requirements are divided into three categories:
- Handling of Printed Information (paper, microfiche, microfilm)
- Electronically Stored (Computer-based) Information
- Electronically Transmitted Information
These handling requirements are reviewed by the Data Stewards and Information Owners at least annually and/or whenever significant changes are made to data or systems. Keep in mind these requirements "evolve" as the technology improves. Any comments regarding these requirements should be emailed to Data Administrator.