Keeping Sensitive Data Safe

At UC Berkeley, there are several levels of protection for your data. These are called Protection Levels (PL), and they range from Protection Level P1 (formerly UCB PL0) to Protection Level P4 (formerly UCB PL2 and PL3). This range is based on the Berkeley Data Classification Standards developed by the Information Security Policy Office.

Data used with each service has a specific protection level. For example, G Suite for Education, Box, and bCourses Project Sites can be used to store and transmit general and Protection Level P3 (formerly UCB PL1) data. Currently, only CalShare is suitable for storing and transmitting Protection Level P4 (formerly UCB PL2) data, such as notice triggering data, human subject research data and other actively regulated data (defined in the campus Data Classification Standard).

Please make sure you understand the protection level of your data, and how to use the sharing settings so you can best protect your data. See UC Berkeley Box and Google Data Use Agreement or visit the Security website for more information. 

IMPORTANT: Protection Levels listed on this page do not convey approval by the Committee for Protection of Human Subjects (CPHS). Any human subjects related data storage needs to be approved by CPHS. 

What data is acceptable for each collaboration tool?

PROTECTION LEVEL ADVERSE IMPACT SERVICE
UC P4 (formerly UCB PL2) High Calshare
UC P3 (formerly UCB PL1) Moderate bCourses, Box, Google Core Apps
UC P1 (formerly UCB PL0) Limited to None Google Consumer Apps

Note: The Data Classification Standard Protection Levels have been updated to reflect a change in the UC Business and Finance Bulletin IS-3 Electronic Information Security (UC BFB IS-3) policy adopted across the UC system.

Get Help

If you have any questions related to data classification standards or need additional assistance in determining the best way to keep your data safe, please email security@berkeley.edu