2.2 Information Classification Flashcards
Sensitive information
Provide examples
Information that should be protected from being publicly released as it could:
Harm the safety and privacy of an individual or organisation
Examples
Medical data
Financial data
Non-sensitive information
Provide examples
Info that can be released publicly with no fear of negative consequences
Examples:
Store information such as addresses, opening hours, names of managers
Product information such as prices
Private information
Provide examples
Relates to an individual
Should not be shared with anyone else without permission
Protected by GDPR Act, needs to be stored securely
Examples:
Home
Addresses
Contact information
Birth dates
Banking details
Employee data such as linked bank accounts
Public information
Examples
Released to the public
Non-sensitive information
Examples:
Social media usernames, posts, shared images
Public business information e.g addresses, opening times
Personal information
Examples
Data about a specific individual
Examples:
Full name
DOB
Gender
Medical history
Business information
Examples
Data about a specific business
Either public or private data
Examples:
Annual sales figures
Financial data
Employee details
Addresses
Confidential information
Examples
Private data which is more restrictive than sensitive information
Access limited, only for those who are authorised
Examples:
Trade secrets
Doctors
Business profits and losses
Classified information
Examples
Highly sensitive information (Stored by government institution)
Requires highest levels of restricted access
Authorised individuals only
Three levels of CI:
Official
Secret
Top secret
Examples:
Military data
Terrorism precautions
Crime scene reports
Anonymised information
Examples
Removes personally identifiable data from information so that an individual cannot be identified
Reduces risk of legal action
Examples:
Partially anonymised information: some of the personal information removed and replaced by a symbol
Completely anonymised information: all identifiable data removed
Bank details are an example of both:
--**-6897
Problems with anonymised information
Sensitive data not anonymised enough, person can be identified
Useful information lost if too much data is anonymised
Public could lose trust in an organisation if data is insufficiently anonymised