University information is categorized into three distinct categories with escalating security and privacy requirements by the UW Data Classification scheme:
Information usually subject to state or federal regulations. The loss of this information may seriously and adversely impact the University.
Information that's sensitive in nature and should only be released on a need to know basis. The integrity and availability of this information should be protected at all times.
Information publically available or information approved for public release.
A comprehensive set of examples for all data classifications is available on the UW Office of the CISO website:
Learn more about Data Classification
Where each type of information can be stored will vary but the Office of the CISO Data Privacy Guide is a great place to viewed University approved solutions:
Learn more about Data Privacy
Internal and External Data Sharing
Data Security and Privacy Agreement
The DSPA ensures that the appropriate security and privacy controls are adhered to by vendors who may collect, view, process, or store University data. The DSPA should also be signed by vendors who design or provide IT systems that require interaction with University data or networks.
Learn more about the DSPA
Memorandum of Understanding
The University of Washington is a large organization and sometimes formal agreements for internal information sharing can help set expectations and avoid misunderstandings. An MOU is a great way to set expectations and ensure a successful partnership.
Learn more about MOUs