Information classification is a way to communicate the sensitivity of information that you create or come in contact with, providing a framework for how RRC Polytech’s information assets are classified. The purpose of an information classification system is to recognize that different information requires different levels of controls, helping people take appropriate actions to protect information and ensure proper safeguards are in place.
Information classification covers all information, whether physical or digital:
We all play a role in protecting and securing RRC Polytech’s information from risk, including unauthorized access, modification, use, disclosure, removal, and destruction. In order to help ensure our information is protected from potential breaches, RRC Polytech has developed a four-level information classification system. Classifying information helps the author communicate the sensitivity of the information to people who may come in contact with it. And it helps those people treat it appropriately, making sure our sensitive information is always secured.
Public documents can be shared freely without any restrictions on how they are shared or secured.
See more detailed guidance on how RRC Polytech employees should share and handle RRC Public information.
Information that is relevant to an internal RRC Polytech audience and not confidential within the College. This information is not intended to be shared externally but poses no harm if made public, e.g., Staff News posts or Staff Forum (Intranet) content. The majority of the documents staff create are likely to be internal. In general, this information can be shared with RRC Polytech employees as required.
Internal documents can be shared freely amongst RRC Polytech staff. Caution should be taken, and often permission sought when sharing Internal documents outside of RRC Polytech.
See more detailed guidance on how RRC Polytech employees should share and handle RRC Internal information.
This information is confidential and sensitive, and access is limited to specific roles or groups of individuals. The inappropriate release of this information would reasonably be expected to cause minimal to moderate harm to individuals, businesses, other third parties, or the College.
Generally, this is the minimum classification for any document governed by legislation, e.g., the Personal Health Information Act (PHIA).
Protected documents can be shared with specific groups or amongst known individuals who would have a reasonable need to access the information. When in doubt, check with the document creator.
These files should be shared with adequate security measures in place to ensure the information is properly protected and only accessible to those who need to view it.
If RRC Protected information must be shared with external entities, it should be access controlled and encrypted. All custodians of such information should ensure that it is adequately protected.
See more detailed guidance on how RRC Polytech employees should share and handle RRC Protected information.
This information is highly confidential. This information is restricted to specific named individuals or very specific roles.
Unauthorized access could reasonably be expected to cause serious harm to individuals, businesses, other third parties, or the College. Significant controls are required to protect information.
Restricted documents should only be shared by the content owner or other designated individual. Recipients of restricted information should not share it without specific and express permission.
If RRC Restricted information must be shared with external entities, it should be access controlled and encrypted. All custodians of such information should ensure that it is adequately protected.
See more detailed guidance on how RRC Polytech employees should share and handle RRC Restricted information.
A breach is defined as information that is disclosed, or potentially disclosed, inappropriately or to inappropriate or unintended audiences.
RRC Polytech campuses are located on the lands of Anishinaabe, Ininiwak, Anishininew, Dakota, and Dené, and the National Homeland of the Red River Métis.
We recognize and honour Treaty 3 Territory Shoal Lake 40 First Nation, the source of Winnipeg’s clean drinking water. In addition, we acknowledge Treaty Territories which provide us with access to electricity we use in both our personal and professional lives.