|Institutional Perspective||Data is treated as an institutional asset and managed through a service-focused framework.|
|Uniqueness||All common concepts draw upon an authoritative source of data.|
|Common Vocabulary||Data elements are defined using a common vocabulary.|
|Access||To enable them to provide outstanding service, employees can access data that is accurate, timely and appropriate to their roles.|
|Privacy||A Collection and Notice Strategy1 is required before obtaining, using, or sharing data. Data received is subject to clear rules around security, privacy, consent, and compliance with applicable laws.|
|Limitation of Purpose||Data is to be collected, shared and used only for specified and authorized purposes.|
|Transparency||Data is processed in a consistent, lawful, fair and transparent manner.|
|Quality||Data quality is optimized throughout the data life cycle.|
|Security||All data elements are protected in a manner that is appropriate to their use and commensurate with their sensitivity, whether stored in an enterprise system or a local repository.|
1 Personal information provided to York University is collected under the authority of the York University Act, 1965. At all times this information will be protected in accordance with the Freedom of Information and Protection of Privacy Act (FIPPA).
Policies and Standards
Policies and standards on the data lifecycle.
Information Security Classification Standard
This standard establishes the classification categories to be used in accordance with the Information Security Classification Procedures and can be found here.