back to checklists

Classifying Data

Under State Technology Policy 141.10, Agencies must classify data into categories based on the sensitivity of the data. This checklist helps Agencies determine what type of data they are collecting and the proper handling of that data.

The following are four categories which your data will fall under. If you cannot establish the proper category for your data there are resources listed at the end of the checklist you can contact who can help you with the categorization.

  • Category 4, “Confidential information requiring special handling,” if you can affirmatively answer the following two questions then you are included in category 4

  • Category 3 “Confidential information,” if your data was NOT covered under category 4 then evaluate whether it is covered under category 4. Under category 3 the information is specifically protected from either release or disclosure by law

  • Category 2, “Sensitive information,” if your data is not covered in the above category then consider whether it is covered under category 2. Answering affirmatively to both of the following questions indicates your information is covered under this category”

  • Category 1 “Public Information,” if your information is not covered under Category 4-2 then it is probably under Category 1 or even “Open Data.” The following are characteristics of public information:

  • Still not sure it’s Public data? Consult these resources:


back to checklists

The Office of Privacy and Data Protection announces beta testing of “Privacy Modeling,” a new web application that identifies the privacy laws relevant to the product or service you wish to create.

Go to Privacy Modelling App

Something went wrong. Please try again.