a. Access to data classified as ‘Confidential’ or ‘Restricted’ shall be limited to authorized persons whose job responsibilities require it, as determined by the Data Security Policy or higher management.
b. The responsibility to implement access restrictions lies with the IT Security department at
[email protected]