Finding Personal Identifiable Information
Knowing you are responsible for protecting personal identifiable information (PII) is only half the battle. You need to know to identify and protect the data. Use the following steps to help you.
1. Know where this data exists.
All PII and other confidential information must be protected. An important first step is knowing what you have and where it is. Restricted data can be in current or old files, including archives. Be sure to check copies, back-ups and previous versions of files.
2. Destroy confidential data which is no longer needed.
a. The best way to protect restricted data is to not have it in the first place. Work with your college or UTS support staff on locating and deleting confidential data securely and completely. If you do not have an IT support person contact Information Security Services at firstname.lastname@example.org.
b. Cornell University provides a free open source software program, named Spider, that will scan computers running Windows, Mac OS X, or Unix. It is a little less user friendly than commercial software. There are help resources available online, but this product is not support at Ball State. The Technology Helpdesk will not be able to help you with questions.
b. Make sure to clean devices before re-using or recycling them. If you are unsure of how to clean your device work with your college or UTS support staff. There are software tools available to aid you. CCleaner is a free tool that will clean your computer.
c. Shred or otherwise destroy confidential data before throwing it away. It is not uncommon to find sensitive and even PII in trash cans, recycling bins, and dumpsters. This data can be on paper, computers, hard drives, etc. For a more detail explanation on destroying confidential information review the policy.
3. Never share or discuss confidential data with unauthorized individuals.
4. Know who has access to folders before you put confidential data there.
5. Do not PII in locations that accessible from the Internet.
6. Do not leave confidential information lying around, including on printers, fax machines, or copies even when you step away briefly.
7. Set up your workstation so that unauthorized people and passer-bys cannot see the information on your monitor. (CTL ALT Delete)