Skip to main content

One Step Ahead: Data Segmentation: What Is It and How Can You Use It?

Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy

Data Segmentation: What Is It and How Can You Use It?

Data segmentation is a term used by companies to group customer data into categories based on specific criteria. You can apply this concept to data that you control or handle:

  1. Electronic communication—including email, chat, collaboration applications, social media, text messages, etc. Avoid sending sensitive data via email, chat, social media and text messages. Instead, utilize University-approved services when sending sensitive data within Penn. If you receive an email or text with sensitive information, save the data to a secure location before deleting the communication. 
  2. Financial—The University classifies its financial account numbers and credit card data as high in the Data Risk Classification; it is essential to keep such information in a secure, approved location and access should be by authorized users only.
  3. Health—Health data and HIPAA-regulated data are high in the Data Risk Classification. Both should be saved in a secure, approved location accessed by authorized individuals only. You can sub-group the information into type, year and data owner. HIPAA data should only be stored in HITECH-compliant ways. 
  4. Business—lease agreements or contracts may be grouped under a business segment, and sub-grouped by year, business type and entity. 

Always back up or store data in a password-protected secure digital location or in a locked cabinet. When you are purging information, shred physical copies and securely delete the information from your computer and other devices in accordance with the University Archive’s Record Retention Schedule. 

Refer to Penn Data Risk Classifications when handling University Data: https://www.isc.upenn.edu/security/data-classification 

Penn Privacy HIPPA information: http://www.upenn.edu/oacp/privacy/penndata/hipaa.html

For additional tips, see the One Step Ahead link on the Information Security website: https://www.isc.upenn.edu/security/news-alerts#One-Step-Ahead

Back to Top