Classifying Yale Data and IT Systems 

Everyone granted access to Yale Data and IT Systems has a responsibility to protect them. However, not all Yale Data and IT Systems require the same level of protection. We determine the security requirements for Yale Data and IT Systems by classifying them into three risk levels: high, moderate and low. 

The Protect Your Data webpage explains how to classify Yale Data in accordance with Yale Policy 1604. Users of the data should also understand if the data is subject to any external obligations. 

The Classifying and Protecting Yale IT Systems guideline explains how to classify Yale IT Systems based on the data classification, availability requirement, and any external obligations. 

This section provides links to University Information Security Policies. 

This section provides contact information for members of our team. For general security questions, please contact the ITS Help Desk at or call 203-432-9000. 

If you believe your data has been lost or compromised, please contact

To report a malicious e-mail message (phish), forward the message to

To report a HIPAA Privacy Concern, fill out the paper form or online form. This will be submitted to the HIPAA Privacy Office.