Disclosure could cause severe harm to individuals and the company, including exposure to criminal and civil liability.
Has the most stringent legal or regulatory requirements and requires the most prescriptive security controls.
Legal and/or compliance regime may require assessment or certification by an external, third party.
Disclosure could cause significant harm to individuals and the company, including exposure to criminal and civil liability.
Usually subject to legal and regulatory requirements due to data that are individually identifiable, highly sensitive and/or confidential.
Disclosure could cause limited harm to individuals and the company with some risk of civil liability.
Either subject to contractual agreements or regulatory compliance or is individually identifiable, confidential, and/or proprietary.
Encompasses public information and data for which disclosure poses little to no risk to individuals or the company.
Anyone regardless of institutional affiliation can access without limitation.