Your organization stores a lot of data, from employee records to client information to corporate intellectual property to partner business information and beyond. Not all that data is of the same sensitivity. Some, such as government information, healthcare records, personally identifiable information, or bank account/payment data may be covered by one or more regulations, making a breach of that data significantly more impactful for your organization than, for example, the loss of your organization’s business plan for the next fiscal year. As a result, your organization may choose to protect data of different sensitivity in different ways. A Data Protection Policy outlines your organization’s approach to categorizing the different kinds of data you hold and how it should be protected.

• Policy – Data Protection

Creation of this template was generously sponsored by:

All templates and other information provided by the CMMC Information Institute are provided as-is and without any warranties, express or implied, including any warranty of merchantability and warranty of fitness for a particular purpose.