Cornell University expects all data stewards and custodians who have access to and responsibilities for university data to manage it as set forth in this policy. This is in accordance with the rules regarding collection, storage, disclosure, access, processing, destruction, and classification of information and minimum privacy and security standards.
IT Security Office, Weill Cornell Medicine Privacy Office.
7/24/2020: Substantial revisions to align with current technology and security environment. Data classifications changed from Confidential (Level 1) to High Risk; Restricted (Level 2) to Moderate Risk; and Public (Level 3) to Low Risk. Removed Procedures section for Weill Cornell Medicine.
6/25/2018: Updated hyperlinks throughout.