Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Confidentiality
1.
2. Confidentiality is the concept of ensuring that data is not made
available or disclosed to unauthorized people.
Confidentiality of data is accomplished by using strong encryption
algorithms that cannot be easily “broken.”
Confidentiality is important when network communications are of a
sensitive nature, such as trade secrets, client information subject to
privacy laws or policies, or business strategies that depend on the element
of surprise.
Confidentially is achieved through encryption. Both symmetric and
asymmetric encryption can be used.
3. The loss could be expected to have a limited adverse
effect on organizational operations, organization assets or
individuals.
The data is intended for public disclosure.
For Example:
College online catalog displaying academic course
descriptions.
Publicly available campus maps(campus infrastructure)
Information in the public domain.
Student login.
Job postings
4. The loss could be expected to have a serious adverse
effect on organizational operations, organization assets or
individuals.
The data is not generally available to the public.
For Example:
Faculty /staff employment applications, personnel files, benefits ,
salary, birth date, personal contact information.
Student records and admission applications.
Student attendance only staff/faculty members can view data. Student
cannot view the data.
Internal memos and email, non-public reports, budgets, plans,
financial info
Directory containing phone numbers, email addresses, and titles
5. The loss could be expected to have a serious or
catastrophic adverse effect on organizational operations,
organization assets or individuals.
Protection of the data is required by law/regulation.
For Example:
In controller office only staff can maintenance data
confidentiality(i.e. question paper information) students not
allowed to that place.
Application that stored campus network node information.
Application collecting personal information or donor, alumnus,
or other individual.
Application that processes credit card payments.