Before you create, record, distribute, collect or maintain information on Mediasite, CarmenConnect, U.OSU, CarmenWiki or any other university-owned service:
According to the Institutional Data Policy (IDP), you need to clear your desktop and presentation materials of the following:
grade item data
email or home addresses
patient records
social security numbers
credit information
or any information that is not intended for public distribution.
It is also recommended that you close your email client to avoid incoming email pop-ups during presentations.
Institutional data is any and all information related to university business. The IDP defines four levels of classification: public, internal, private and restricted.
The classification of institutional data determines who may access the data and how much protection the information requires. Correct classification ensures that the university complies with laws, regulations and university requirements.
Note that personal data -- information not related to university business -- used on university-owned devices must adhere to the Responsible Use of University Computing and Network Resources policy.
Four Classification Levels of Data
Public
Public data is intended for public use and has no access or management restrictions.
Internal
Internal data is used to conduct university business and operations by those whose jobs require it, and is the default classification level.
Private
Due to laws or regulations or other requirements, private data may only be accessed with special authorization. Unauthorized access or disclosure may result in administrative or legal action.
Restricted
Due to laws or regulations or other requirements, private data may only be accessed with authorization that is strictly limited. Unauthorized access or disclosure may result in substantial administrative or legal action (such as fines.) Restricted data must always be encrypted.
For example, here's how some Family Educational Rights and Privacy Act (FERPA) data is classified:
A student's directory information is classified as public if not withheld by the student's written request; if withheld per the student's written request, it is classified as private.
Student educational records are classified as private.
Student treatment records are classified as restricted.
If you are still unclear about which level of classification your data falls under, please contact itpolicy@osu.edu before you share on-screen or otherwise.