Data handling procedures overview

Summary

Learn Mount Holyoke College's procedures for collecting, storing/securing, sharing/accessing, and disposing/destroying data.

Body

Introduction

This collection of data handling procedures articles for the College community was created to assist Mount Holyoke employees to securely and effectively manage information in their daily administrative, teaching, and research activities. It applies to Mount Holyoke College employees (faculty, staff, student employees) and other individuals (e.g., affiliates, vendors, independent contractors, etc.) in their handling of College data assets. This covers information and records in any form (paper, digital text, image, audio, video, microfilm, etc.) during the course of conducting College work.

Determining how to protect and handle College records and other information assets depends on the classification of those data. Classification is necessary to understand which practices are needed to protect different types of information. The more protected the information needs to be, the more restrictive the handling procedures are and the more important is adherence to the procedures guidance.

Data classifications

Mount Holyoke’s data classification policy defines the four classifications the College uses to categorize the administrative information and data assets of the College:

  •  Restricted data  - Information assets protected by state or federal law, contractual agreements and proprietary information whose loss, corruption, or unauthorized disclosure can cause severe personal, financial or reputational harm to the College, College employees, or the people we serve.

  •  Confidential data  - Information assets protected by state or federal law, contractual agreements and proprietary information whose loss, corruption, or unauthorized disclosure can cause serious personal, financial or reputational harm to the College, College employees, or the people we serve.

  •  Internal data  - Information assets whose loss, corruption, or unauthorized disclosure would not seriously impair business functions but are otherwise private within the College. 

  •  Public data   - Information assets intended for general use and whose loss, corruption, or unauthorized disclosure (general or to individuals beyond the College) would not impair College business functions.

Review the procedures

Scope and limitations of these procedures

These data handling procedures outline both essential and recommended data handling procedures based on the classification of the information being handled.  It attempts to cover most situations for administrative information and data assets of the College.  However, it is not all-inclusive and is not intended to represent all protections that may be necessary for each situation.  This document also is not meant to cover the academic assets of the college whether teaching, learning or research-related.

The overall structure of the data handling procedures focuses on the act of collecting, storing, sharing, and destroying college data assets.  Within each of these actions, general principles and guidance are followed by additional technology- and tool-specific guidance and recommendations..   

Need guidance?

When in doubt about what is allowable or best practice, if you do not find an answer in the data handling procedures documents, ask the Technology Help Desk for technical questions or the appropriate Data Steward (see below) for content, business process, or policy questions. In the event of a potential or suspected breach or compromise of, or unauthorized/unexplained access to Restricted or Confidential data, contact the Security Incident Response Team at sirt@mtholyoke.edu.

Here’s a list of the most frequently-needed Data Stewards for commonly-shared administrative data assets.  These folks may be able to answer your questions or refer it as appropriate to the Data Steward of the system of record for the information you are inquiring about.

Constituency/Data Type

Data Steward(s)

Prospective Students

Undergraduate - Admissions

Graduate - PaGE

Students

Undergraduate - Registrar

Graduate - PaGE

Office of Student Success and Career Outcomes

Alum

College Relations

Faculty

Office of the Provost and Human Resources

Staff

Human Resources

College Financial Data

Financial Services

Details

Details

Article ID: 2843
Created
Wed 11/29/23 1:59 PM
Modified
Fri 10/25/24 4:11 PM

Related Articles

Related Articles (4)

An overview of the file storage options available at MHC and which kinds of data it is appropriate to store in each.
Useful for employees who are fully remote or who have part time work from home schedules.
Borrowers of devices from the LITS Technology Helpdesk must follow the acceptable use policy as for any other device and return it as outlined in the loan agreement.
Understand when a Google Shared Drive is best for supporting your work.