Quick Links: | About the Information Security Office (ISEC) | Reporting Security Incidents | Understanding Data Classification | Protecting University Data | Policies and Privacy Standards |
About the Information Security Office (ISEC)
The Information Security Office (ISEC) protects Chico State’s digital assets by establishing policies, training, and tools that support secure data practices. Properly securing, managing, and storing data is an essential part of our security profile at Chico State.
Contact ISEC
For information security questions, consultation, or assistance, contact the Information Security Office:
Reporting Security Incidents
If you suspect a data breach, unauthorized access, data leak, or other security incident, contact ISEC immediately.
Report a Security Incident or Data Leak
Understanding Data Classification
Chico State data is categorized into three levels to ensure appropriate handling:
| Classification |
Description |
Examples |
| Level 1 – Confidential |
Highly sensitive data protected by law or policy. Unauthorized disclosure could cause significant harm. |
Social Security Numbers, financial records, medical data |
| Level 2 – Internal Use |
Restricted to university employees and approved contractors. |
Chico State ID numbers, internal memos, employee evaluations |
| Level 3 – Public |
Information intended for public release. |
Campus maps, public websites, press releases |
View Chico State Data Classification and Protection Standards
View CSU Information Security Policy and Standards
Protecting University Data
Secure File Storage and Sharing
Use only Chico State–approved platforms for file storage and collaboration. Avoid storing sensitive data on personal devices or third-party apps.
Learn more about Secure File Storage and Sharing
Device Sanitation and Disposal
Devices (computers, tablets, USB drives) that store university data must be properly wiped and disposed of when replaced, transferred, or destroyed.
View Electronic Device Disposal and Transfer Procedures
Records Retention and Data Security
All university data must be retained and disposed of according to the official Records Retention and Disposition Schedule.
View Records Retention and Disposition Schedule
Annual Access Review
Access to Level 1 (confidential) data must be reviewed annually to verify continued need and remove unnecessary access.
View CSU Access Control Standard
Policies and Privacy Standards
Chico State complies with CSU system-wide and applicable federal, state, and global privacy standards, including the General Data Protection Regulation (GDPR).
View Chico State Data Privacy Policy
View CSU Information Security Policy and Standards
Still need help? Contact IT Support Services for further assistance.
Help us improve our Knowledge Base! Click Yes or No below, then let us know what worked — or what didn’t. Your feedback helps us improve our content and provide the best possible support.