Other Sensitive Institutional Data

Data Type Description 

According to university policy, data will typically be classified as sensitive if any of the following are true:

  • Unauthorized disclosure may have serious adverse effects on the university’s reputation, resources, or services or on individuals
  • It is protected under federal or state regulations.
  • There are proprietary, ethical, or privacy considerations.

Data Steward: Information Assurance

Examples 

Due to the nature of the definition of sensitive data, it is impossible to have an exhaustive list of sensitive data examples.  While the most common types of sensitive data are already included in this guide, there are many other examples of sensitive data, including:

  • Public safety and security information
  • Certain types of  information about hazardous substances
  • Certain types of blueprints and building plans
  • Proprietary information such as computer source code developed at the university
  • Certain types of information related to university investments and investment planning
  • Certain types of information related to university insurance claims
  • Information about misconduct proceedings
  • Animal research
Andrew File System (AFS): 
Not Permitted
BlueJeans Video Conferencing: 
Permitted
Canvas: 
Permitted
Cloud Storage Included with Software: 
Not Permitted
CTools: 
Permitted
Data Warehouse: 
Permitted
Desktop Backup (Powered by CrashPlan): 
Permitted
MiDesktop: 
Permitted
Digital Signage: 
Not Permitted
Echo360 - Lecture Capture and LectureTools: 
Not Permitted
eResearch: 
Permitted
Flux: 
Permitted
Globus: 
Permitted
ITS Exchange Email and Calendar: 
Permitted
Amazon Web Services GovCloud at U-M: 
Permitted
Amazon Web Services (AWS) at U-M: 
Permitted
Box Additional Apps (Non-Core): 
Not Permitted
Box at U-M Core Apps: 
Permitted
Google Non-Core Services: 
Not Permitted
Google Drive at U-M: 
Permitted
Google Mail and Calendar at U-M and Inbox by GMail: 
Permitted
Google at U-M Core Services: 
Permitted
MiDatabase: 
Permitted
MiServer: 
Permitted
MiShare: 
Permitted
MiStorage (CIFS): 
Permitted
MiStorage (NFS): 
Not Permitted
MiVideo: 
Permitted
MiWorkspace: 
Permitted
Personal Accounts (Dropbox, Slack, etc.): 
Not Permitted
Personally Owned Devices (phone, tablet, laptop, etc.): 
Permitted
Qualtrics: 
Permitted
ServiceNow: 
Permitted
Statistics and Computation Service: 
Not Permitted
MiBackup: 
Permitted
Turbo Research Storage (NFS): 
Not Permitted
Turbo Research Storage (NFSv4+Kerberos or CIFS): 
Permitted
Michigan Medicine Exchange/Outlook Email and Calendar: 
Permitted
Armis: 
Permitted
Document Imaging System: 
Permitted
SignNow at U-M (E-Signature): 
Permitted
Piazza Q&A: 
Not Permitted
Dedoose: 
Permitted
Gradescope: 
Not Permitted
Electronic Research Notebook at U-M: 
Permitted
Microsoft Azure at U-M: 
Permitted
Google Cloud Platform at U-M: 
Permitted
Perusall: 
Not Permitted
Yottabyte Research Cloud: 
Permitted