Data Privacy Day 2025 is Tuesday January 28th, bringing awareness of the importance of safeguarding our personal and institutional data. This gives us an opportunity to reflect on our data handling practices and to adopt new strategies to protect sensitive information. Below are two topics to prioritize data protection and privacy. Remember, you play a vital role in ensuring the confidentiality, integrity, and accessibility of the data we collect at Indiana University.
The Revamped Critical Data Guide
A key resource that has received an overhaul this year is the Critical Data Guide, a comprehensive guideline designed to help navigate the complexities of data classification and storage.
The Critical Data Guide is an essential resource for any IU employees handling sensitive data. It offers detailed guidance on how to properly store and manage electronic and paper records by providing you with an understanding of:
- How IU classifies data
- The types of data we collect at IU
- Your data handling responsibilities
- How to report a data related incident
By familiarizing yourself with the new version of the Critical Data Guide, you can better implement its recommendations and contribute to a safer and more secure data environment, protecting both personal and institutional information.
Clean up your cloud storage as an easy New Year’s Resolution
Another highlight this month is the periodic review of cloud file storage to keep it organized and secure. We recommend an annual review of files stored in tools such as Microsoft at IU Secure Storage to remove old files and folders you no longer need. For files that are still needed, it is also highly recommended that your file permissions and sensitivity labels are up-to-date.
Managing Shared Files and Permissions
If you no longer need access to a file or folder that's been shared with you, or if you see someone who should not have access:
- Open the file(s) in OneDrive or SharePoint, depending on where the file is stored.
- Pick the “Manage access” option and select the relevant name in the list.
- Select the “Remove direct access” option.
Note: You might need to contact someone with owner permissions if you are unable to edit access yourself.
If an item is still needed, but contains restricted or critical data, the content owner is required to move it to an existing Microsoft Team, or a new Team should be created through the shared storage feature. To learn more, see Microsoft at IU Secure Storage.
Information Protection Sensitivity Labels
Microsoft Information Protection sensitivity labels can be used at IU to help classify documents and data according to their data classification. You are encouraged to adjust labels that appear to be incorrect so that appropriate protections can be placed on sensitive content. The generative AI tool Copilot 365 can read through files stored in Microsoft at IU Secure Storage. This makes it crucial that files containing critical data are correctly labeled to prevent it from combing the sensitive content without approval.
Generative AI tools at IU
Generative AI tools are becoming increasingly important in various fields, including education, research, and administration. At Indiana University, several generative AI tools are available to faculty, staff, and students to enhance productivity, creativity, and efficiency.
The resources mentioned above detail the AI services that have a contract with IU, which include specific safeguards for protecting institutional data. Additional Generative AI tools (like ChatGPT Plus) are not authorized for use with any institutional data.
If you wish to request a new Generative AI tool, please complete the Generative AI Product Request Form to determine if a full security review is needed.
Need help?
If you need further assistance, you may check with the University Information Policy Office (UIPO) at uipo@iu.edu or 812-855-UIPO.