Information Classification Management

Data privacy and security are hot button issues today. Consumers are concerned with identity theft. Corporations want to safeguard their trade secrets and intellectual property from competitors and other miscreants. And state and federal governments are increasingly legislating stiff penalties and public disclosures when a privacy breach occurs. The ante has been raised for companies. Safeguarding sensitive and confidential data is a hard business requirement that can no longer be ignored. As a result, IT is being asked to take steps to mitigate corporate risk and secure data throughout the enterprise.

Corporations across a wide swath of industries from financial services to retail to high technology manufacturing are increasingly storing and coming into contact with sensitive information. Sensitive information is defined broadly and depends on the business context. However, typically sensitive information is any type of information that could result in financial or irreparable harm to the corporation or its customers if it is obtained by malicious individuals.

Sensitive information can be classified in the following categories:

• Human Resource Records – Examples include payroll and employee personnel data.

• Consumer Information – Examples include customer Social Security Numbers (SSNs), and credit cards numbers that may be on file.

• Intellectual Property & Trade Secrets – Examples include customer lists, price lists, terms of business agreements, patents, technical specifications, source code, and other proprietary information.

• Healthcare Records – Examples include patient name, medical record number, medical records, images, and charts of a patient.