Compliant Data - Information which has specified requirements for the control of confidentiality, availability, or integrity of the data due to statute or contract or other law or agreement. Compliant data is information which requires special protection because the misuse could harm members of the UMS community or compromise the mission of the System and/or any one of the Universities. Compliant data includes, but is not limited to, personally-identifiable information, confidential research information, and information that requires protection under law or agreement such as the Maine Data Act, FERPA (the Family Educational Rights and Privacy Act), GLBA (the Gramm-Leach Bliley Act), HIPAA (the Health Insurance Portability and Accountability Act), FTC “Red Flag Rule”, -by the PCI (Payment Card Industry) data security standards, and data placed on legal hold in accordance with e-discovery.
Examples of Compliant Data include:
- financial records
- health records
- student educational records
- any information which could permit a person to attempt to assume the identity of an individual.