What is Level 1 Data?
Level 1 Data as classified by the CSU, Cal State Fullerton, and ASI as the following (but not limited to these examples):
Classification Description: Level 1 ‐ Confidential
Access, storage and transmissions of Level 1 Confidential information are subject to restrictions as described in CSU Asset Management Standards. Information may be classified as confidential based on criteria including but not limited to:
- Disclosure exemptions ‐ Information maintained by the University that is exempt from disclosure under the provisions of the California Public Records Act or other applicable state or federal laws.
- Severe risk ‐ Information whose unauthorized use, access, disclosure, acquisition, modification, loss, or deletion could result in severe damage to the CSU, its students, employees, or customers. Financial loss, damage to the CSU’s reputation, and legal action could occur.
- Limited use ‐ Information intended solely for use within the CSU and limited to those with a “business need‐to know.”
- Legal Obligations ‐ Information for which disclosure to persons outside of the University is governed by specific standards and controls designed to protect the information.
Examples of Level 1 – Confidential information include but are not limited to:
- Passwords or credentials that grant access to
level 1 and level 2 data
- PINs (Personal Identification Numbers)
- Birth
date combined with last four digits of SSN and
name
- Credit card numbers with cardholder name
- Tax ID with name • Driver’s license number,
state identification card, and other forms of national or international identification (such as passports, visas, etc.) in
combination with name
- Social Security number and name
- Health insurance information
- Medical records related to an individual