Effective Date: December 1, 2007
Latest Revision: October, 2013
As indicated in the Columbia University Information
Security Charter (the “Charter”)[http://policylibrary.columbia.edu/information-security-charter], any person who uses, stores or
transmits Data (as defined in the Charter) has a responsibility to maintain and safeguard such Data.
The first step in establishing the safeguards that are required for particular types of Data is to determine the level of sensitivity applicable to particular Data. Data classification is a method of assigning such levels and thereby determining the extent to which the Data needs to be controlled and secured.
See Full Policy Text at right