Professional Documents
Culture Documents
1 Identify which column covers the information / data you wish to handle.
2 You do this by looking at the Key at the top of the Classification Matrix
For example, let's say that you need to send the hard copy personnel file of a staff
member to another person in the NHSBSA. You would look at the key in the
Classification Matrix and see that as you are dealing with person-identifiable
information you need to be looking in the "Confidential" column
Now you need to look down the first and second columns of the Classification Matrix
3
until you find the action that you want to take.
In the example we are using this would be "Transmission by Post, Fax or e-mail",
"Mail within the NHSBSA (i. e. between buildings)"
Now you need to look along the row until you get to the relevant column which lists
4
what you must do.
In the example we are using this would be the "Confidential" column where you
would find that you must send the personnel file in a "Sealed inter-office envelope
marked Confidential"
F:\BSA\IGM\Info Gov Mgt\BSA\NHSBSA Data Classification Matrix.xls Page 1 of 7 Last Updated: 11 August 2010
How To Use The Classification Matrix
Routine correspondence,
Person identifiable information
employee newsletters, internal Statutorily protected and
(except that which is
Examples of information / data Brochures, News releases, phone directories, inter-office sensitive information e.g.
Key Restricted), financial data,
to be handled Marketing Materials memoranda, non person strategic corporate plans /
purchasing information, vendor
identifiable information, internal financial information
contracts
policies and procedures
F:\BSA\IGM\Info Gov Mgt\BSA\NHSBSA Data Classification Matrix.xls Page 2 of 7 Last Updated: 11 August 2010
How To Use The Classification Matrix
Not to be located in an area Not to be located in an area Not to be located in an area Not to be located in an area
Fax Location
accessible to the general public accessible to the general public accessible to the general public accessible to the general public
Required. Coversheet to be
Required. Coversheet to be
Use of a Fax Coversheet Required Required labelled Restricted and
labelled Confidential
Confidential
Telephone before transmission Telephone before transmission
to ensure that recipient is to ensure that recipient is
waiting by the fax machine for waiting by the fax machine for
Fax Transmission safeguards Reasonable care in dialling Reasonable care in dialling the transmission. Subsequent the transmission. Subsequent
telephone call to confirm telephone call to confirm
successful receipt of the successful receipt of the
transmission transmission
F:\BSA\IGM\Info Gov Mgt\BSA\NHSBSA Data Classification Matrix.xls Page 3 of 7 Last Updated: 11 August 2010
How To Use The Classification Matrix
F:\BSA\IGM\Info Gov Mgt\BSA\NHSBSA Data Classification Matrix.xls Page 4 of 7 Last Updated: 11 August 2010
How To Use The Classification Matrix
Storage Standards
Reasonable precautions to Storage in a secure manner
No special precautions
Print Material prevent access by non- (e.g. secure area, lockable Storage in a lockable enclosure
required
employees enclosure)
Storage on secure drives.
Storage on secure drives only.
No special precautions Storage on non-public drives Storage on shared drives
Electronic Documents Password protection of
required only without password protection for
document preferred
reading is prohibited
Storage in a secure manner
(e.g. password access or
Reasonable precautions to Reduce to written form if
No special precautions reduce to written form, delete
E-mail prevent access by non- necessary secure manner or
required electronic form and store in
employees store in a lockable enclosure
accordance with storage of
printed materials)
Destruction Standards
No special precautions No special precautions Destroy in a manner that
Destruction
required required protects confidentiality
No special precautions Secure area not accessible to Secure area not accessible to Secure area not accessible to
Location of waste paper bins
required unauthorised persons unauthorised persons unauthorised persons
Prohibited, unless by special
No special precautions No special precautions Prohibited. Destruction or
Paper Recycling recycling programme for
required required shredding required
confidential information
No special precautions
Magnetic media / diskettes Overwrite or low-level reformat Overwrite or low-level reformat Overwrite or low-level reformat
required
F:\BSA\IGM\Info Gov Mgt\BSA\NHSBSA Data Classification Matrix.xls Page 5 of 7 Last Updated: 11 August 2010
How To Use The Classification Matrix
F:\BSA\IGM\Info Gov Mgt\BSA\NHSBSA Data Classification Matrix.xls Page 6 of 7 Last Updated: 11 August 2010
How To Use The Classification Matrix
Term Definition
Secure area means an area not reasonably accessible to unauthorised persons or
an area where the protected information is not unattended by an authorised person.
Secure Area
Examples include: private offices, work areas monitored by a staff member or
receptionist, most employee only areas.
Lockable enclosure means an area or enclosure requiring a keypad entry.
Lockable
Examples include: locking cabinets, drawers, desks and storage areas, private
enclosure
offices with locking doors.
Need to know Need to know basis means that a staff member may only have access to that
basis information which is necessary to do their job.
F:\BSA\IGM\Info Gov Mgt\BSA\NHSBSA Data Classification Matrix.xls Page 7 of 7 Last Updated: 11 August 2010