If you have read and understood UCL's information classification scheme but you are still unsure about what 'highly confidential' means, this guidance may be helpful.
UCL defines three classes of information for security purposes: public, confidential and highly confidential. The Information Management Policy sets out what is expected of staff and other users when handling these classes of information.
If information is held which relates to any of the special categories of personal data defined under the General Data Protection Regulation (2016), then the information will be highly confidential under UCL's classification scheme. But what if users are unsure whether the information is 'special category'?
Under some circumstances, users may collect information in a medical context and this may still not be defined as special category:
a) when carrying out interviews with medical professionals or NHS staff where there is no requirement or likelihood of disclosing details about patients or people in their care, e.g. in the qualitative evaluation of care services
b) when carrying out experiments which measure ordinary human response to a given stimulus and participants have been selected without criteria on health or disability, political opinion, trade union membership, ethnicity, religious belief or sexuality grounds (though special category personal data may arise easily from such experiments if a participant or a researcher discovers what they understand to be unwanted medical information)
It may be that information of these sorts can be classed as 'confidential' as opposed to 'highly confidential' under the UCL classification scheme. However, users should consider this very carefully before assigning a lower classification. Support is available through email@example.com and through the UCL Data Protection Office.
Is a name highly confidential?
Names or other publicly accessible identifiers in the context of medical research, for example, will be highly confidential because these will be associated with other information such as the study name, or the folder name where they are saved. In theory, a name is not highly confidential, but in practice the context will always be visible where names are to be kept. If your login can be used to access both identifiers and separate but linked special category information, then the special category information is no more secure than your login itself.
Why else might information be highly confidential?
Some forms of research rely on secondary data sets from sources outside of UCL. In those circumstances, there will be a requirement to handle those data sets in a confidential, and potentially highly confidential, manner depending on what the source deems to be highly confidential. In practice, the assurances that users provide to external organisations will form the basis of an agreement and a contract is highly likely to underpin this. Those assurances may be difficult to support unless the information is treated as highly confidential within UCL.