Data Classification Policy
Information is one of the most valuable assets owned by the University of Guelph and it is essential that appropriate security measures are applied based on the sensitivity of that data and in compliance with applicable legal and contractual obligations. This applies to data in all stages of the lifecycle, including creation, storage, processing, transmission, and destruction.
The purpose of this policy is to establish minimum control requirements for confidentiality, integrity and availability of University data by defining the classifications and aligning it to approved information security arrangements.
Where there is a conflict between this policy, another University policy, or departmental policy or guideline, the more restrictive must be followed.
See the full Data Classification Policy (PDF), approved on August 14th, 2024.
Not sure which data classification applies to your data? Use our Data Classification Assessment Tool to get the answer quickly!