DatatypessubjecttoSecurityand/orPrivacyrequirements
Asof11-6-2015
SCDivisionofInformationSecurity
Source:http://www.admin.sc.gov/technology/information-security/policies-and-procedures
Public
InternalUse
Confidential
Restricted
Public-facingwebsite
content
Publiclydistributed
information
Agencycontactinformation
Brochures
Pressreleases
Meetingagendasand
minutesfrompublic
meetings
Agencypolicies,procedures,
and/orstandards
Unpublishedinformationabout
agencypersonnelsuchashome
telephonenumbersandhome
addressesusedforemergency
contact
Trainingmaterials
Personaldemographics(race,
placeofbirth,weight,religion)
Internalmeetinginformation Pension/Retirementbenefit
information(actualamounts)
Directtelephoneline
PhotographsofIndividual
numberstostaff
people
Aggregateddata
Biometricidentifiers
Informationreceivedfrom
and/oraboutabusiness(tax
information,businessplans)
Allinformationexemptfrom
disclosurepursuantto§30-4-40
oftheSCCodeofLaws(SC
FreedomofInformationAct)
Passwords
Securityplans,network
architecture,etc.
SouthCarolinaDataBreachLaw
SeeSECTION39-1-90(D.3.)ofhttp://www.scstatehouse.gov/code/t39c001.php
(3)"Personalidentifyinginformation"meansthefirstnameorfirstinitialandlastnamein
combinationwithandlinkedtoanyoneormoreofthefollowingdataelementsthatrelate
toaresidentofthisState,whenthedataelementsareneitherencryptednorredacted:
(a)socialsecuritynumber;
(b)driver'slicensenumberorstateidentificationcardnumberissuedinsteadofadriver's
license;
(c)financialaccountnumber,orcreditcardordebitcardnumberincombinationwithany
requiredsecuritycode,accesscode,orpasswordthatwouldpermitaccesstoaresident's
financialaccount;or
(d)othernumbersorinformationwhichmaybeusedtoaccessaperson'sfinancial
accountsornumbersorinformationissuedbyagovernmentalorregulatoryentitythat
uniquelywillidentifyanindividual.
Federaltaxinformation
receivedfrom,orderived
from,theIRSorsecondary
sources(IRSPub.1075)
ProtectedHealthInformation
1
(HIPAA /HITECH)
Individualfinancialinformation
subjecttoGLBA
SocialSecuritynumbers
2
Debitorcreditcardnumbers Driver’slicenseinformationor
Stateidentificationcard
information
Bankaccountnumbersor
informationwithpersonal
identificationnumbers(PINs)
orpasswords
Passportnumbers
Childwelfareandlegal
informationaboutminors
(juvenilejustice,fostercare
and/oradoption)
Witnessprotection
information
DNArecord&profile
containedintheStateDNA
database
Datesofbirth(iflinkedto
otherinformationabouta
person)
3
Studenteducationrecords Tradesecrets
Employeeidentification
Number(EIN)ofasole
proprietor
1
HealthInsurancePortability&AccountabilityAct.Seehttp://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html
and
https://www.cms.gov/Regulations-and-Guidance/HIPAA-Administrative-Simplification/HIPAAGenInfo/Downloads/CoveredEntitycharts.pdf
2
ThePCIDataSecurityStandardappliestomerchantsandcreditcardprocessorsthatstore,process,ortransmitpayment
cardholderdata.Seehttps://www.pcisecuritystandards.org/security_standards/getting_started.php
3
FamilyEducationalRights&PrivacyAct(FERPA,http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html)restrictionsapplyto
non-directoryinformation.USCdeclaresitsdirectoryinformationathttp://bulletin.sc.edu/content.php?catoid=91&navoid=10536
andtheRegistrarprovidesafactsheetathttp://registrar.sc.edu/pdf/fast_ferpa.pdf