Data at LSU can be classified into three categories (Confidential, Private or Public). Confidential data has a high level of sensitivity. Private data has a moderate level of sensitivity. Public data has a low level of sensitivity. Each category carries a different level of access and reputation risk. PS06.20 "Security of Data" outlines the security of data at LSU.
Like many other higher education institutions, LSU has seen growth in the number of campus units contracting with third party firms for IT based services. An obvious outgrowth of that trend is that an increasing amount of University data and information is being stored outside of the direct control of employees of the University. To address this trend and protect University data, language has been developed to help campus units ensure that the security of University data and information is addressed in both the contract language and process of acquiring third party services.
In an IT environment, data is stored on various forms of storage media (e.g., hard drives, USB flash drives, CD-ROM’s, tape drives). When you no longer need to use this storage media, the data must be securely removed to prevent unauthorized access. In compliance with FERPA, University policies and state legislation, this becomes imperative if the data is of a sensitive nature.