Data Confidentiality Requirements

Every organization must determine their data confidentiality requirements based on the sensitivity of the data, how it is being used, and where it is being used. This page shows security requirements for specific data regarding how it should be stored or transmitted. The following are considerations:

  1. The type of data and its confidentiality needs
  2. Whether the data is being stored or transmitted
  3. Where the data is physically being sent or stored and the relative physical and electronic security of those areas.

Recommended Settings for Storage and Transmission of Data

Data typeStored in Trusted and Secure Network ZoneStored in Semi-Trusted and Secure Network ZoneTransmitted in or through untrusted network zone
Social security numberEncrypted (recommended)Encrypted (required)Encrypted (1)(required)
Drivers license numberEncrypted (recommended)Encrypted (required)Encrypted (1)(required)
Credit card numberEncrypted (recommended)Encrypted (required)Encrypted (1)(required)
Bank account numberEncrypted (recommended)Encrypted (required)Encrypted (1)(required)
Person nameClear TextEncrypted (recommended)
Person addressClear TextEncrypted (recommended)
Person telephone numberClear TextEncrypted (recommended)
Person email addressClear TextEncrypted (recommended)
  1. High encryption