Data Elements

The following table lists individual data elements that must be treated as Confidential or Sensitive Data due to Appalachian’s legal, contractual, and risk based objectives. If you are dealing with one of these data elements and evaluating new processes or storage and sharing options, then you need to contact the ITS Office of Information Security for review and assistance.

Resources:

Data Element Classification Level Compliance Areas Description
Alien or Immigration ID
Confidential
FERPA
GLBA
NCID Theft
NC HR Act
Issued by the U.S. Citizenship and Immigration Services (USCIS) or the former INS, also called A-Number, green card number, or Permanent Resident Card number
Attorney Client Relationship
Sensitive
NC Public Records
Information exchanged between a client and their lawyer or legal counsel; may also be referred to as attorney-client privilege
Banking Account Number
Confidential
GLBA
HIPAA
NCID Theft
NC HR Act
A group of numbers (usually 10-12 digits) that is specific to one's personal bank account
Banner ID
Public
Beneficiary Information
Confidential
NCID Theft
NC HR Act
The person or entity entitled to receive the claim amount and other benefits upon the death of the benefactor or on the maturity of the policy.l
Biometric Information
Confidential
NCID Theft
Unique identifiers include fingerprints, hand geometry, earlobe geometry, retina and iris patterns, voice waves, DNA, and signatures. Biometrics is a very strong authentication mechanism as it is based on something that you are, as opposed to something you know or something you have.
Birth Date
Confidential
FERPA
GLBA
HIPAA
NC HR Act
FTC Red Flag
The month, day, and year a person is born
Criminal Investigation Report or Police Record
Confidential
FERPA
NC Public Records
NC HR Act
A report that involves the study of facts, used to identify, locate and prove the guilt of an accused criminal; an official file, held by the police, containing details of any criminal offenses committed by an individual
Dependents (relationship to individual or employee)
Sensitive
NC HR Act
A person(s) who relies on another, especially a family member, for financial support.
Disability Information
Confidential
FERPA
HIPAA
NC HR Act
An impairment that may be cognitive, developmental, intellectual, mental, physical, sensory, or a combination of these.
Driver's License Number
Confidential
FERPA
NCID Theft
FTC Red Flag
Specific identification number assigned to a driver by the issuing government agency. This number is usually required to be displayed on the individual's driver's license issued by his or her state.
Employee HR File Information (e.g., performance, benefit, financial, medical)
Confidential
GLBA
NC HR Act
The main employee file that contains the history of the employment relationship from employment application through exit interview and employment termination documentation.
Fingerprints
Confidential
NCID Theft
Fingerprints contain unique patterns of ridges and valleys that are present in an individual’s skin. These patterns are unique to every individual and thus help to identify individuals from an entire population. Fingerprints are inherent to individuals and can neither be lost nor stolen which makes it highly accurate and reliable.
Home Address
Sensitive
FERPA
NC HR Act
FTC Red Flag
The address of the house, apartment, or dwelling that a person lives in
Marital Status or Effective Date
Sensitive
FERPA
GLBA
NC HR Act
The classification of legal married status, including married, widowed, separated, divorced, or single; date on which a transaction is recorded or when an agreement takes effect.
Medical Records (including medical ID number - PHI)
Confidential
FERPA
HIPAA
NC HR Act
The systematic documentation of a single patient's medical history and care across time within one particular health care provider's jurisdiction
Mother's Maiden Name
Confidential
FERPA
GLBA
HIPAA
NCID Theft
An individual's mother's surname or birth name before she marries and takes her husband's last name
Passport Number
Confidential
FERPA
GLBA
NCID Theft
NC HR Act
FTC Red Flag
US Passports contain a variety of identification features, including passport numbers, which are between six and nine characters, including letters and numbers.
Payment Card Magnetic Strip Information (NOT to be stored by AppState)
Confidential
PCI-DSS
NCID Theft
A strip of magnetic information that is affixed to the back of a plastic credit card or debit card. Some of the information that can be collected on the magnetic strip includes the card number, expiration date, credit card limit, and card usage.
Payment Card Number (PAN)
Confidential
PCI-DSS
Payment Card Number, Primary Account Number (PAN), or Card Number, is the card identifier found on payment cards, such as credit cards and debit cards. The card number is primarily a card identifier.
Payment Card PIN
Confidential
PCI-DSS
NCID Theft
An identifying number allocated to an individual by a bank or other organization and used for validating electronic transactions
Private Contributor Records
Confidential
AppState Selected (Other)
A record of anything of value given, loaned, or advanced from a private contributor
Social Security Number
Confidential
FERPA
GLBA
HIPAA
NCID Theft
NC Public Records
NC HR Act
FTC Red Flag
A nine-digit number issued to US citizens, permanent residents, and temporary working residents that are unique for each individual, used to track Social Security benefits and for other identification purposes
Student Conduct Records
Sensitive
FERPA
A file that is created in the name of each student alleged to have violated University policies. This file becomes part of a student's formal education record.
Student Loan Number
Confidential
FERPA
GLBA
NCID Theft
A group of numbers that is specific to one's student loan account