Information Technology Services

Restricted Data: Restricted data is data in any format: Collected, developed, maintained or managed by or on behalf of the University, or within the scope of the University activities that are subject to specific protections under federal or state law or regulations or under applicable contracts, and whose loss or unauthorized disclosure would impair the functions of the University, cause significant financial or reputational loss, or lead to potential legal liability, such as patrons social security numbers, or credit card numbers.

Please click here for the University Policy

Please note that this list is not all-inclusive; if you are not sure if data is considered restricted, please contact FGCU Help Desk via Email or 239-590-1188.

It is okay for you to work with this data, but you have to be mindful of where you store it.

Electronic Copies:

• Your departmental "private" file share folder (P:\),
• Your cross departmental file share folder (R:\), or
• Your home file share folder (W:\)
• Do NOT store in cloud storage such as OneDrive, SharePoint, MS Teams, Dropbox, etc.
• If stored on your local computer or laptop, the data must be encrypted (refer to ITS KB > Encrypting files using 7-Zip)
• Remove it when you no longer need it

Physical/Hard copies:

• Should be printed locally and retrieved immediately to avoid pickup by someone else
• Must be retrieved immediately from network printer (if no local printer available)
• Do not fax hard copies of restricted data
• Store in a secure location, such as a locked file cabinet
• Dispose via a cross-cut paper shredder

Important Note: Even when notetaking, if ANY information mentioned above has been captured, do NOT leave out in the open and destroy when no longer needed

Example 1: Electronic Grade Book:
Tracy Smith downloads a copy of the grade book from Canvas. The grade book in Canvas includes the following columns: UIN, student name, grade. Due to fact that the downloaded file contains all three identifiers about a student, this is restricted information. Ms. Smith should encrypt the file, including the grade information, if she stores it on her computer (refer to ITS KB > Encrypting files using 7-Zip).

Example 2: Paper Grade Book:
Tracy Smith has a binder in her office that includes the grades of her students from past years. The students are all identified by UIN and name, and beside their names are their grades. Ms. Smith can keep this grade book as long as she stores it in a locked location, such as a locked filing cabinet or locked bin (refer to ITS KB > Encrypting files using 7-Zip).

• Remote access to the data must be via FGCU's VPN services, unless you use systems such as Gulfline or Canvas. These systems use a secured connection (SSL) and require authentication. For more information, access ITS > Connecting Remotely and ITS KB > Remote Access Guidelines
• You should NOT download restricted data to your remote computing device
• If downloaded, data must be encrypted (refer to ITS KB > Encrypting files using 7-Zip)
• Remove the data when you no longer need it

Encryption is the method of using a user supplied key, such as a password, to encode a file into an obfuscated format. This makes the file unusable until it is decrypted back into its original format. To do so, you must use the key and the program that were used to encrypt the file. Since the file will be unusable without the encryption key, it is imperative that you use a key you can remember.

• Must not be sent via email
• May be shared with other people at FGCU file share:
  • Departmental "private" file share folder (P:\)
  • Cross departmental file share folder (R:\)
• If you must send the data to someone outside the university, it must be encrypted and sent via secure method (refer to ITS KB > Encrypting files using 7-Zip). If data is shared with an external entity, it must be accounted for in the annual restricted data inventory.

• Determine if you MUST save the restricted data
• If you must store restricted data on your PC, then your PC MUST be encrypted

• Devices such as desktop computers, laptops, printers, tablets must be disposed of by ITS to prevent restricted data from leaving the university because they follow an FGCU approved process to ensure data security
• Other storage devices, such as CDs, flash drives, tapes must be disposed of via the office of Records Management

If you need to store restricted data in electronic format, FGCU recommends you do so in your departmental share folder, or cross group folder; otherwise, encrypt (refer to ITS KB > Encrypting files using 7-Zip). 

** Do NOT store restricted data on OneDrive, SharePoint, MS Teams, Dropbox, etc.

Other storage locations, such as cloud storage or removable drives should not be used for restricted data. If this location is the only available location, restricted data stored there MUST be encrypted.

In the case of lost restricted data, please contact the University Help Desk immediately at 239-590-1188.

Remove restricted data from any system that is not the permanent resting place of the data as soon as possible. Please consult the office of Records Management with any questions you may have regarding storage, document management, security, retention and destruction.