Data Classification

Simplifya classifies data as Confidential, Sensitive, or Public based on its level of sensitivity, value, and criticality to the company or its clients. Classification of data aids in determining appropriate security controls for the protection of data.

Definitions

Confidential

Confidential data, if compromised in some form or fashion, is likely to result in significant and/or long-term harm to Simplifya and/or its clients.

This type of information could be strictly protected by Simplifya policy, state or federal statutes or regulations, or contractual agreement. Confidential data must be protected from unauthorized access, modification, transmission, storage, destruction, or use. Access to Confidential information is restricted to those who have a legitimate purpose for accessing such data.

Sensitive

Sensitive data, when released without authorization, could cause minor, short-term harm or embarrassment to Simplifya and/or its clients. It is intended for limited distribution.

The major difference between Confidential data and Sensitive data is the likelihood, duration, and the level of harm incurred.

Protection of such information may be recommended by Simplifya policy and/or state or federal legislation. Access to Sensitive data is restricted to those who have a legitimate purpose for accessing such data.

Information classified as Sensitive could potentially be classified as Confidential if, in the aggregate, information could be reconstructed to reveal personally identifiable information.

Public

Public data is data that is readily available to the general public, either upon request or by virtue of it being posted or published on a publicly accessible website with the permission of the owner. This type of information has no legal restriction on access or usage. It may include information collected for the express purpose of public release with the knowledge and consent of the individuals the information is about.