Libraries, perhaps more than most employers, already recognize the importance of safeguarding personal information. The following organizations represent individuals employed in records management and human resources HR information technology.
Handling Paper Records Physically Secure Your Equipment Portable equipment such as laptops and handheld devices are easy targets for theft; do not leave them unattended.
It only takes a moment for someone to pick up your laptop or handheld device while your attention is diverted. Use Firewall Protection Firewalls protect computers from network-based attacks by preventing hackers outside of the firewall from scanning computers for network vulnerabilities.
A hardware-based network firewall protects the SF State network against attacks from outside of the firewall. However, viruses and worms can still be spread to other workstations via e-mail and file transfers within the firewall.
A network firewall does not control spyware, laptops brought to and from campus, or security problems originating from within the firewall. Software-based firewalls included with Windows and Mac OS should be enabled.
They can be installed separately on many other operating systems. All computers should use a software-based firewall when available. Routers are physical devices that are placed between a computer, or network of computers, and the Internet.
Routers for home use usually provide both wireless and wired connections. Routers should not be installed on-campus. Set Strong Passwords Set strong account passwords to protect computers and servers from being accessed by unauthorized individuals or entities.
Many systems on campus limit the special characters that can be used. Allowable characters for SF State passwords include, for example: If you write down passwords, they must be secured in a locked area or encrypted. Do not store passwords unencrypted in a file on the computer, on the back of your laptop or in the carrying case Set the screen saver password option to lock your computer when the screen saver is activated.
When you begin working again, you will be prompted to type your password to unlock your computer In general, do not store passwords in applications such as Web browsers or e-mail clients.
If you choose to do so you will need to activate additional mechanisms such as screen locks with strong passwords and encryption of the drive to prevent access. Passwords should never be cached on public machines If needed, use password management programs with encryption to safeguard multiple account names and passwords e.
Confidential data should not be stored on these devices unless it is encrypted. When access to files containing sensitive data is necessary, such data should be stored on protected servers within the campus firewall and viewed over secure network connections when needed.
In this way, sensitive data need not be stored on local laptops or desktops, and is therefore not vulnerable in case of equipment theft.
SF State has implemented a new Secure E-Waste and Paper Disposal process for the disposal, transfer or surplus of electronic devices capable of storing sensitive data.
Note that student records created prior to may contain partial social security numbers used as student IDs. Media containing software which is covered by a license agreement between San Francisco State University and a software vendor should be treated as containing confidential data in order to protect the terms of the license agreement.
Encrypt Confidential Electronic Data In the exceptional case when there is a requirement to store confidential data on a desktop, laptop or other device, special security measures such as encryption must be employed.
The encryption technology bundled with the Windows and Macintosh operating systems provides a layer of protection against casual thieves. Stronger encryption software is available for impenetrable security; however, your encrypted data is not recoverable if you forget your password.Safeguarding personal information General considerations Information gathered during the intake process and the provision of services is sensitive as it contains details about a women's personal history and needs.
Before collecting any personal information, an organization should pause and assess the purpose for collecting this information and whether this information is necessary for such a purpose.
That purpose must be appropriate in the circumstances. information, also known as Personally Identifiable Information (PII), from U.S. citizens, Lawful Permanent Residents (LPR), visitors to the U.S., and employees or contractors to the Department. As.
Confidential Information means any information not exempted in specific legislation and identified as personal, sensitive, or confidential such as personally-identifiable information, individually-identifiable health information, education records, and non-public information as specified in all applicable federal or state laws, plus CSU and CSUSB policies.
A Manager’s Guide to Safeguarding Sensitive Information Properly is a quick reference guide on the 12 SSIP Rules managers should be aware of in respect to safeguarding sensitive information properly at their company. Sharing information barriers and solutions - Adult safeguarding: sharing information Failures in communication and joint working.
Adult serious case reviews frequently highlight failures between safeguarding partners (local authorities, GPs and health, the police, housing, care providers) to communicate and work jointly.