RDIR: Restricted Data Identification & Registry

RDIR is a web application with two important goals driving its development. First, RDIR seeks to inform systems and application administrators on campus about the various federal, state and institutional policies that place restrictions on data and that put forth requirements or recommendations in protecting that sensitive information. Second, RDIR seeks to create inventories of the restricted data maintained by campus systems. Given the recent compromise of student data, it’s more important than ever to know which UC Berkeley systems maintain what kinds of restricted data.

Campus policy experts will use RDIR to describe the legislation or policies that affect UC Berkeley systems, such as HIPAA, FERPA and California Senate Bill 1386. Each of these policies is described as a set of data elements and rules, which RDIR uses to create a questionnaire, or wizard, through which system administrators and/or application managers on campus can identify and register their systems’ sensitive data. A core function of RDIR is to provide those administrators with a high level understanding of the restricted data policies that may apply to their systems and recommendations for protecting their data.