What is Sensitivity Labeling?
Microsoft 365 data Sensitivity Labels are part of the Microsoft Information Protection (MIP) tool set. This helps JMU to protect sensitive and confidential information in a more secure way, whether they are in our cloud storage areas like OneDrive or Teams or being sent through Microsoft Outlook. Depending on the label and application (OneDrive, Teams, Outlook) being used, data may be encrypted or blocked from being forwarded.
What are the benefits of using Sensitivity Labels?
- Using Sensitivity Labels helps JMU to stay compliant with the Family Educational Rights and Privacy Act (FERPA) and the Gramm-Leach-Bliley Act (GLBA), HIPAA laws, as well as to protect Personally Identifiable Information (PII).
- JMU users can further protect their data with enhanced security protections to ensure unauthorized access is prevented, as well as preventing file sharing.
What are the Labels? What Do They Mean and What Do They Do?
Note: Information Technology recommends that you become familiar with JMU’s Data Storage Guidelines, which lays out where different data types ought to be stored. It is up to the user to determine what kind of data is being used and to label them appropriately.
|
|
|
|
|
|
University data that can be shared without restriction to the general public.
|
|
|
|
University data including Personally Identifiable Information (non-confidential) worthy of protection and discretion in its distribution and use.
|
|
Highly Confidential (GLBA)
|
Non-public personal financial information (“Covered Data”) protected by the Gramm-Leach-Bliley Act (GLBA). This includes, but is not limited to, bank and credit card numbers, income and credit histories, tax returns, and financial aid information.
|
|
Highly Confidential (Health Information)
|
Health information regulated by HIPAA or FERPA. This includes, but is not limited to, medical records, medical record numbers, vaccination records, and health insurance information.
|
|
Highly Confidential (Research)
|
Research data/records containing highly confidential data resulting from a systematic investigation including, but not limited to, research proposals, laboratory records, progress reports, abstracts, theses, oral presentations, internal reports, journal articles, and any related documents and materials.
|
|
Highly Confidential (General)
|
Other highly confidential data including, but not limited to, Social Security Numbers, driver’s license numbers, Visa numbers, Passport numbers, Taxpayer Identification Numbers (TINs), banking/credit card data, and biometric identifiers (i.e. fingerprints).
|
|