Data Storage Policies

Before storing or sharing information, you must determine the type of data you are working with.

Data types and how they can be stored and transferred.
Data Type
and their Data Owner
DescriptionAllowed?
NevadaBoxWolfCloudEmail - InternalEmail - ExternalFax
Directory Information
owned by Human Resources
Publicly accessible employee directory information. Yes Yes Yes Yes Yes
Account Identification Information
owned by End User
Private information used to access an account such as passwords and personal identification numbers (PIN) No No No No No
University Financial Information
owned by University Controller
UNR account numbers Yes Yes Yes Yes Yes
Credit Card Information
owned by University Controller
Credit card numbers, PINs, CCVs No No No No Yes
Personally Identifiable Information (PII) - Unregulated
owned by Human Resource / Student Services
Unregulated data such as full name and address Yes Yes Yes Yes Yes
Personally Identifiable Information (PII) - Regulated
owned by Human Resource / Student Services
Regulated data such as Social Security numbers, DOB see NRS 601A.040 No No No [!] Yes
FERPA
owned by Registrar
PII relating to students; can be grades, class schedules, etc. Yes Yes Yes [!] Yes
Protect Health Information (PHI/HIPAA)
owned by School of Medicine: Dean, University: Division Head or VP
Any information about health status, provision of health care, or payment of health care that is linked to an individual. Please contact IT Support for the proper storage and transmission of this type of data.
Export Controlled Data
owned by VPRI
Further information, and a definition of Export Controlled Data, can be obtained from the Office of Sponsored Projects. Please contact the Office of Sponsored Projects for the proper storage and transmission of this type of data.
Personal Files
owned by End User
Any files (including photos and music) that is unrelated to the work that you conduct for the University. All personal files must be transmitted and stored only via personal means.

[!] Only if both parties are lawfully authorized to the data, and it is encrypted during transfer.


For assistance clarifying the type of data you are working with, contact the data owner. If you are unable to identify the data owner, or for technical assistance, please contact IT Support.