Data Types

(OBJ 3.3 & 1.4)

Regulated Data

• Information controlled by laws, regulations, or industry standards
• Includes data such as PII and PHI, health records, and credit card information.
• Compliance requirements
  • General Data Protection Regulation (GDPR) - European Union
  • Health Insurance Portability and Accountability Act (HIPAA) - U.S.

PII (Personal Identification Information)

• Information used to identify an individual (e.g., names, social security numbers, addresses)
• Targeted by cybercriminals and protected by privacy laws

PHI (Protected Health Information)

• Information about health status, healthcare provision, or payment linked to a specific individual
• Protected under HIPAA

Trade Secrets

• Confidential business information giving a competitive edge (e.g., manufacturing processes, marketing strategies, proprietary software)
• Legally protected; unauthorized disclosure results in severe legal penalties
  • The Krabby Patty's secret formula is a trade secret

Intellectual Property (IP)

• Creations of the mind (e.g., inventions, literary works, designs)
• Protected by patents, copyrights, trademarks to encourage innovation
• Unauthorized use can lead to legal action

Legal Information

• Data related to legal proceedings, contracts, regulatory compliance
• Requires high-level protection for client confidentiality and legal privilege

Financial Information

• Data related to financial transactions (e.g., sales records, tax documents, bank statements)
• Targeted by cybercriminals for fraud and identity theft
• Subject to PCI DSS (Payment Card Industry Data Security Standard)

Human-Readable Data

• Understandable directly by humans (e.g., text documents, spreadsheets)

Non-Human-Readable Data

• Requires machine or software to interpret (e.g., binary code, machine language)
• Contains sensitive information and requires protection

Understanding data types is crucial for data classification.