Level 2 Internal Use Data

Description

Internal use data is information that must be protected due to proprietary, ethical or privacy considerations.  Although not specifically protected by statute, regulations or other legal obligations or mandates, unauthorized use, access, disclosure, acquisition, modification, loss or deletion of information at this level could cause financial loss, damage to cause financial loss, damage to the CSU’s reputation, violate an individual’s privacy rights or make legal action necessary.

Non-directory educational information may not be released except under certain prescribed conditions.

Level 2 access will be granted on a strict “need-to-know” basis only and will be restricted to authorized staff and other participants who have executed an approved Non-Disclosure Agreement (NDA).  This information includes organization contact lists, internal processing procedures, employee schedules and other information required to function within the organization but too sensitive to release to the public.

Examples

  • Identity Validation Keys (name with)
    • Birth date (full: mm-dd-yy)
    • Birth date (partial: mm-dd only)
  • Student name with personally identifiable education records
    • Grades
    • Courses taken
    • Schedule
    • Test scores
    • Advising records
    • Educational services received
    • Disciplinary actions
  • Employee Information
    • Employee net salary
    • Employment history
    • Home address
    • Personal telephone numbers (including emergency contacts)
    • Personal e-mail address
    • Payment History
    • Employee evaluations
    • Disciplinary actions
    • Background investigations
    • Mother’s maiden name
    • Race and ethnicity
    • Parents and other family members names
    • Birthplace (city, state, country)
    • Gender
    • Marital Status
    • Physical description
    • Photograph (voluntary for public display)
  • Other
    • Library circulation information
    • Trade secrets or intellectual property such as research activities
    • Location of critical or protected assets
    • Licensed software