Dartmouth College is committed to protecting the privacy and security of institutional data in a manner consistent with applicable laws, regulations, and institutional policies.
Dartmouth employs administrative, technical, and physical security measures to protect personal data, including role-based access control. All individuals who access or handle personal data are responsible for complying with Dartmouth's privacy and information security policies and procedures.
Refer to the guidelines and policies below on recognizing higher-risk data and the secure sharing and storage of those data.
Recognize which data are higher risk:
Understand the Dartmouth Information Security Committee (DISC) Control Objectives and the security level classification of the data you are requesting. Higher risk data include sensitive and personally identifiable information (PII) and are usually classified as DISC Level 2 or 3. Some requests for sensitive information deemed Level 2 or 3 may require an information security review before the data request can be approved, and that review may lengthen the process.
DISC classification is integral to determining the sensitivity of data and involves categorizing data as follows:
- DISC Level 0 (Public): Data that are already publicly available and therefore have no associated organizational risk.
- DISC Level 1 (Internal Use Only): Appropriate for data that are less sensitive, where unauthorized access would have minimal organizational risk.
  - Data with no confidentiality classification, but not intended for public disclosure.
  - General business data for use within Dartmouth.
  - Protected at a baseline level of control (available to the Dartmouth community via authenticated IT access, or authorized physical access to Dartmouth facilities).
- DISC Level 2 (Confidential): For data that, if compromised, could have a moderate adverse effect on the organization's operations or reputation.
  - Data which can only be shared with individuals deemed to have a 'need to know' as defined by the Data Steward.
- DISC Level 3 (Strictly Confidential): Reserved for the most sensitive data: confidential data of the highest level of sensitivity, where unauthorized disclosure could cause significant harm to the organization or to individuals, or where data protection is mandated by legal regulations.
  - FERPA data, personally identifiable information (PII) such as name, ID, and social security number, personal health information (PHI), and credit card information (PCI) are Level 3 data.
  - PII also includes data which, alone or in combination, could be linked to an individual with reasonable certainty and expose sensitive information.
For more information on how to classify data and determine the necessary security measures to protect them, refer to A Practical Guide to DISC Classification and the Dartmouth Information Security Policy.
To identify which AI tools are approved for your data level, refer to AI Data Sensitivity Guide.
If you have questions about DISC policy, reach out to the Information Security team at information.security@dartmouth.edu.
Share data securely and be mindful of where they are being saved or stored and how long to store them. When sharing data within Dartmouth:
- Always save data files and records in a secure location such as the Dartmouth Network.
- Do not email data or records with sensitive information.
- Encrypt any files containing higher risk, sensitive data with a password. Refer to Knowledge Base article Sharing Sensitive Data for more information.
- There are several Dartmouth-approved tools and applications that can be used to securely share files and records. Refer to Knowledge Base articles How to Share Documents with Others and Data Storage and Collaboration for more information.
- Always follow the applicable data retention policies for stored data. Refer to the General Retention Schedule from Records Management unless the Data Steward establishes a different schedule.
Consider a Data Use Agreement
- A written, signed agreement that outlines which data are shared, with whom, and how the data may be used.
- Contents of a data use agreement are specific to each situation, but common elements include the type and scope of the data being provided, a statement of the reasons for providing the data, specification of how the data can be used and if they can be shared with another party, and responsibilities for storage and destruction of the data.
- The data use agreement would be initiated by the Data Steward and signed by all parties prior to providing the requested data.
For further information on keeping Dartmouth data secure, refer to Information Security's Safe Computing and Data Security article.
Reach out to the Data Governance team if you have any questions.
Note: Funded research data may have additional requirements or restrictions on the usage and storage of data.
-------------------------------------------------------------------------------
Definitions:
Dartmouth data: with respect to information security, data in any form which is owned, processed, stored, or transmitted by Dartmouth College, or its agents, other than information published for public use.
Dartmouth Record: Any recorded information, regardless of format (written, typed, electronic, paper, audio, video, etc.), generated in the course of conducting business, and which must be maintained in order to meet the fiscal, legal, historical or administrative needs of Dartmouth College.
Dartmouth Network: the private network of Dartmouth College, including wired network, and the "Dartmouth Secure" wireless network. Access to this network is restricted, via network authentication credentials, to Dartmouth students, faculty, staff, and sponsored guests.
Personally Identifiable Information (PII) as defined by FERPA regulations, Subpart A (General), Section 99.3:
The term includes, but is not limited to—
(a) The student's name;
(b) The name of the student's parent or other family members;
(c) The address of the student or student's family;
(d) A personal identifier, such as the student's social security number, student number, or biometric record;
(e) Other indirect identifiers, such as the student's date of birth, place of birth, and mother's maiden name;
(f) Other information that, alone or in combination, is linked or linkable to a specific student that would allow a reasonable person in the school community, who does not have personal knowledge of the relevant circumstances, to identify the student with reasonable certainty; or
(g) Information requested by a person who the educational agency or institution reasonably believes knows the identity of the student to whom the education record relates. (Authority: 20 U.S.C. 1232g)
Record means any information recorded in any way, including, but not limited to, handwriting, print, computer media, video or audio tape, film, microfilm, and microfiche. (Authority: 20 U.S.C. 1232g)
Secretary means the Secretary of the U.S. Department of Education or an official or employee of the Department of Education acting for the Secretary under a delegation of authority. (Authority: 20 U.S.C. 1232g)
Student, except as otherwise specifically provided in this part, means any individual who is or has been in attendance at an educational agency or institution and regarding whom the agency or institution maintains education records. (Authority: 20 U.S.C. 1232g(a)(6))
[53 FR 11943, Apr. 11, 1988, as amended at 60 FR 3468, Jan. 17, 1995; 61 FR 59295, Nov. 21, 1996; 65 FR 41852, July 6, 2000; 73 FR 74851, Dec. 9, 2008; 76 FR 75641, Dec. 2, 2011]