What is Sensitive Data?

Sensitive data is defined as information that is protected against unwarranted disclosure. Access to sensitive data should be safeguarded. Protection of sensitive data may be required for legal or ethical reasons, for issues pertaining to personal privacy, or for proprietary considerations.

Sensitive Information includes all data, in its original and duplicate form, which contains:

Sensitive data also includes any information that is protected by University policy from unauthorized access. This information must be restricted to those with a legitimate business need for access. Examples of sensitive information may include, but are not limited to, some types of research data (such as research data that is personally identifiable or proprietary), public safety information, financial donor information, information concerning select agents, system access passwords, information security records, and information file encryption keys.

If further clarification is required, please contact the Information Security Office at security@unc.edu or 445-9393 and we will facilitate any necessary clarification in collaboration with the office of University Counsel.

For information regarding how to protect Sensitive Information please see the document “Securing sensitive information” at the following link: http://help.unc.edu/help/securing-sensitive-information/. Be sure to check under the heading Guidelines for Securing Computers Containing Sensitive Data Covered by FERPA and GLBA.