Confidential/Sensitive Data

Confidential Information includes data protected by state and/or federal law against unauthorized use, disclosure, modification, or destruction.

Confidential and Sensitive data that has been determined to require the highest level of privacy and security controls includes, but is not limited to, the following:

• Social security number (SSN)

• MACC Student ID number

• Emails and other communications regarding internal matters

• Passport number, state-issued driver‘s license number, state-issued non- driver identification card number, taxpayer identification number, and financial account number

• Maiden name, Mother‘s maiden name

• Bank account information

• Credit card number, expiration date, Service Code, PIN, and magnetic strip contents

• Internet Protocol (IP) address and other persistent static identifier which consistently links to a particular person or a small, well-defined group of people

• Photographic image (especially of face or other distinguishing characteristic), x-rays, fingerprints, or other biometric image or template data (e.g., retina scan, voice signature, facial geometry)

• Information identifying personally owned property, such as vehicle registration number or title number and related information

• Information about an individual which is linked or linkable to one of the above (e.g., date of birth, place of birth, race, religion, weight, activities, geographical indicators, employment information, medical information, education information, financial information).

• Student educational records protected by FERPA (class rosters, test scores, grades, financial aid information, ADA information)

• Financial aid records, including, but not limited to a student’s FAFSA or federal tax information

• Human subject and other research data

• Passwords, PINs, and access codes

• Lists of individuals with a criminal record, students requiring behavioral intervention, student disciplinary matters, immigration status, or employee performance ratings

• Employment Records

• Protected health information, as defined in HIPAA

• Information designated as “Directory Information” under FERPA, which is withheld by the request of a student should be classified as Confidential Data. (See Appendix A of the Cybersecurity Policies)

• Course exams (questions and answers)

• IT system configurations

• Emergency response plans

• Lists of individuals participating in compliance training

Public Data

Public data is essentially any general information about the college, such as:

• Content posted on www.macc.edu
• Course curriculums
• Class schedules (not student specific)
• Course catalogs
• Information about campus activities, clubs, and organizations
• MACC College Policies
• Academic calendars
• Information on how to access educational materials
• Publicly accessible services
• Press releases
• Public communications and advisories
• Scholarly publications, research data and findings not otherwise classified as Confidential or Sensitive Data
• List of attendees at a public meeting
• Consumer Information, as designated by federal and state laws

Directory Information

Directory information may be released without the student’s consent. This information includes the following:

• Name
• Address
• Primary telephone number
• MACC alias email address for current students and personal email address for past students
• Photograph/video (see Social Media and Website policy)
• Enrollment status in any past or present semester (i.e. full/part time)
• Major or field of study
• College activities or sports in which the student participates
• Height and weight of a student engaging in athletics
• Degrees and honors received
• Name of the school the student attended immediately before enrolling at MACC

Students who do not wish to have directory information released by MACC must make such a request in writing. See FERPA Policy for further information.