Based on Sensitivity
- Public Data
- Information that is not confidential and can be freely shared.
- Examples: Marketing materials, press releases.
- Internal/Private
- Information intended for internal use within an organization.
- Examples: Company policies, internal communications.
- Confidential
- Sensitive information that requires restricted access to authorized personnel.
- Examples: Customer data, financial records.
- Restricted/Highly Confidential
- Highly sensitive information with strict access controls.
- Examples: Trade secrets, encryption keys.
Based on Regulatory Requirements
- PII: Personally Identifiable Information
- PII is that, when used alone or with other relevant data, can recognize an individual.
- E.g. Name, DOB, SSN, Passport information, biometric information, etc.
- PHI/EPHI: Protected Health Information
- PHI is for healthcare providers, health plans and insurers & businesses connected to health care organizations.
- E.g. Health records/histories, lab or test results, prescriptions, patient forms, medical bills, and provider or patient communication records etc.
- Regulated, Business, Confidential, and High-Risk Data
- Applies to organization to consider how they treat regulated data, business data, confidential data, and high-risk data .
- E.g. Intellectual property (IP) – including trade secrets, patents, copyrights, and trademarks, financial/health data, personal information and shadow servers, or data streams
Discover more from Information Security Blogs
Subscribe to get the latest posts sent to your email.
