Data Classification Definitions
| Service | Public (Low Risk) | Internal (Medium Risk) | Confidential Non-PCI/PHI* (High Risk) | Regulated Non-PCI/PHI* (High Risk) | Regulated PCI/PHI* (High Risk) |
|---|---|---|---|---|---|
| Outlook (email and calendar to internal @yorku.ca accounts) | β | β | β | β | β |
| Outlook (email and calendar to external non-York accounts) | β | β | β | β | β |
| Teams | β | β | β | β | β |
| SharePoint (Default templates) | β | β | β | β | β |
| SharePoint (Custom templates) | β | β | With approval | β | β |
| OneDrive for Business | β | β | β | β | β |
| Forms | β | β | β | β | β |
| Loop | β | β | β | β | β |
| Viva | β | β | β | β | β |
| Copilot Free With Enterprise Data Protection | β | β | β | β | β |
| Copilot Premium | β | β | β | β | β |
| Power Platform (Power Apps, Automate, BI) | β | β | β | β | β |
*Payment Card Industry (PCI), Personal Health Information (PHI)
