Glossary of Permission Levels

Each data type (FERPA, HIPAA, etc.) on Storing Data by Type have the following three categories of storage options.  

Acceptable IT Services and Tools

Data can be stored in these solutions without consultation, but it is your responsibility to make sure only individuals with a justifiable business need can access the data found there.

Consultation Required

Data can be stored in these solutions only after consultation with the Information Security Office, OIT, or the Responsible Operating Unit, and technical and/or administrative controls must be implemented prior to storing sensitive data. Each solution listed under this category will identify who you need to consult.

Not Permitted IT Services and Tools

These solutions are not secure for the data type you've selected. There are no technical and/or administrative controls that would make IT services and tools listed in this category appropriate for this data type.