One Step Ahead |
|
January 24, 2012,
Volume 58, No. 19
|
Another tip in a series provided by the
Offices of Information Systems & Computing and Audit, Compliance & Privacy.
The Best Way to Protect Data is
Not to Have It
While much data at Penn is absolutely necessary to our everyday operations and mission, most people retain sensitive data longer than they need to. This is true for paper documents as well as computer files, emails, and so on. And keeping unnecessary data creates unnecessary risks both to the individuals whose data is kept and to Penn.
Paper Files. Review your paper files containing confidential data and shred them when allowed (see below). To arrange for shredding, contact the University Records Center at (215) 898-9432. You can have any number of shredding bins placed and picked up based on your office’s needs.
Electronic Files. There are many tools, depending in part on your operating system, to securely delete your files. Visit www.upenn.edu/computing/security/privacy/data_clear.php. If disposing of computer equipment, make sure to securely remove any sensitive data. See www.upenn.edu/computing/provider/recycle/index.html
Records Cleanup Day. Spread good practices by hosting your own Records Cleanup Day. For information and tools to help, see www.upenn.edu/privacy
Important Note: We must not shred or delete information that is an original and still within the University’s records retention requirements. Nor should we destroy any information if there is an actual or likely claim, lawsuit, government investigation, subpoena, summons or other ongoing matter involving such records. When in doubt, retain the information and keep it secure.
For more information, see Frequently Asked Questions at www.upenn.edu/privacy/Brochures/FAQs.pdf
_________________
For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/
|