To enable saving your Data Classification results, please log in.

Public
University-Internal
Confidential
Critical

Is your data regulated under an existing law or framework?

If you know your data is regulated by a specific law or, or is controlled by a contract or legal framework, you can select the choice below to learn what Texas A&M University classification level applies.

If you're not sure if your data is regulated by any of these laws, just select "No." This calculator will guide you to the correct classification based on the content of your data.

Do you have student data?

Student data is regulated under FERPA.
Examples of student data include rosters, grades, any student-generated work and even a student's schedule. 

Do you have health data?

Do you use, access, or collect health information for any individuals other than yourself?
Examples of protected health data are clinical data, personal health records, or any data regulated under HIPAA or HITECH.

Do you have research data?

Research data is defined as “the recorded factual material commonly accepted in the scientific community as necessary to validate research findings.” Research data does not include preliminary analyses, drafts of scientific papers, plans for future research, peer reviews or communications with colleagues.

My research data contains:

Do you have financial records?

Examples of data in this category are financial aid data; federal tax information, credit card numbers, or banking information (other than your own); financial and budget data for the university or a university its unit; or any other data that falls under GLBA.

Do you have data with sensitive personal information?

Sensitive personal information is defined by Texas Government Code §521.002; it can be government-issued ID numbers or documents (SSNs, passport or licenses numbers); electronic signatures or personal biometric information; financial account numbers; or any data that falls under GDPR.

Do you have controlled unclassified information?

This type of data requires special handling and processes.
Examples include: export-controlled information (under EAR or ITAR); or data from a federal agency that is controlled unclassified information (CUI).

Do you have government classified or other similarly restricted data?

This type of data requires special handling and processes.
Examples include: highly classified research; classified information relating to defense services; or information covered by an invention secrecy act.

Do you have data related to other university business?

Other types of university data are related to the administrative and business functions of the institution. This includes a wide variety of data with different levels of sensitivity.

I have data that contains:

Do you have data that doesn't fit in the categories above? Is it Public?

Public data is the category of data with the lowest sensitivity, and is openly available to the public, or available upon request without screening.

Examples include:

  • Data intended for distribution on a publically-accessible website
  • Public directory information for employees or departments
  • Directory information for students who have not requested a FERPA block
  • Intercollegiate sports information (team rosters, schedules, etc)
  • Research publications not under embargo
  • Official university communications and public announcements

I have data that falls into one of these categories.

Your Results

These results are only a guide. If you have questions, please contact Technology Services at it-security@tamu.edu.

Do you want to save your Data Classification results? You may need your results to complete processes with the Texas A&M University Chief Information Security Officer, Privacy Office and/or the Division of Research.