Sensitive data

Other pages on this site with related information:

Data classifications

All data is classified as either prohibited, restricted, confidential, or public.

  • Prohibited: Either protection of the data is required by law or regulation, or inappropriate access requires disclosure. This includes information like social security numbers, credit card numbers, health insurance policy ID numbers, driver's license numbers, and financial account numbers.
  • Restricted: Prohibited information that Stanford's Data Governance Board has determined must be accessible to faculty, staff, or students to accomplish Stanford's mission. This includes information like patient health information (PHI) and passport and visa numbers.
  • Confidential: Data that are neither prohibited or restricted but are not generally available to the public. This includes student records/admissions applications, research data, personnel files, donor and donation information, and SU and employee ID numbers.
  • Public: Data not in the previous three categories. 

Detailed descriptions and explanations of these data classifications can be found on the Information Security Office's web site.

Options for secure storage and backup

  1. Secure AFS (Andrew File System): This AFS-based storage service allows for the storage of public, confidential, restricted, and prohibited data, and includes both storage and nightly backups. Standard AFS space allows for storage of public and confidential data only.
  2. Secure IGFS (Individual & Group File Storage): Similar to the normal IGFS service, but allows for storage of public, confidential, and restricted data (but not prohibited data). Backups are available. Standard IGFS space allows for storage of public and confidential data only.
  3. Online Archive Storage: Allows for storage of public, confidential, and restricted data (but not prohibited data).

The Information Security Office has a nice chart of services that shows which ones can be used for which categories of data.