Security Requirements for Handling Information

"Handling" information is when you view, use, update, delete, or destroy data. It also relates to when you transfer the data from one location to another. Data can be in paper or electronic form. Per the Authentication and Authorization (VII.B1) policy, only the minimum privileges necessary to complete required tasks are assigned to an individual. Based upon how data is classified (Public, Sensitive or Restricted) and its form, that data may have certain precautions which need to be taken to prevent unauthorized disclosure when handled.   All users of Purdue data, in any form and for any purpose, are called Data Custodians. 

These handling requirements are directed to the storage and use of Purdue data on Purdue-owned resources  and represent the minimum requirements for handling of data in any format at Purdue University.  Individual areas may establish more stringent data handling procedures.  Purdue Data Custodians are urged to contact the Data Stewards for guidance in cases that present handling questions or security concerns.

These data handling requirements are divided into three categories: 

 

These handling requirements are reviewed by the Data Stewards and Information Owners at least annually and/or whenever significant changes are made to data or systems.  Keep in mind these requirements "evolve" as the technology improves.   Any comments regarding these requirements should be emailed to the Data Administrator at:

data-stewards@lists.purdue.edu

Purdue University, 610 Purdue Mall, West Lafayette, IN 47907, (765) 494-4600

© 2015 Purdue University | An equal access/equal opportunity university | Copyright Complaints | Maintained by ITaP

Trouble with this page? Disability-related accessibility issue? Please contact ITaP at itap@purdue.edu.