Overview
Knowing the criticality of your data is the first step towards adequately protecting it. The University of Toronto’s data classification groups U of T data into four levels based on its importance, sensitivity and potential for misuse.
Data classification table
Level
Definition
Explanation and examples
Level 4
Non-public data that the University has designated as level 4. Level 4 data requires substantially greater protection measures than confidential data.
Level 3
Non-public data that contains personal information (as defined by Freedom of Information and Protection of Privacy Act [FIPPA] for which appropriate permission to disclose has not been received) and other data that the University has designated as being level 3.
Level 2
Data the University has not chosen to make public but has not been designated by the University as being in another level.
Level 1
Data available for broad or general open view.
U of T Data Classification Guidance
The University’s Data Classification Guidance is intended to support data trustees and their delegates to classify institutional data in their custody. It includes a list of data elements by data classification level, along with supplementary considerations.
Note: Research data are held at the University for conducting scholarly research and are therefore outside the scope of this guidance.
Additional resources:
- Review the information about the U of T’s Data Classification Guidance on the UData website: Data Classification Guidance
- Review the key roles that are accountable and responsible for data management practices: Data Management Roles