What You'll Learn Today:

How to Handle Sensitive Information

Some of the information we access on a daily basis is sensitive and should be handled appropriately.

Keep sensitive info secure

You first need to know what information is considered sensitive. In general terms, this will be any information that is not readily available to the public, such as employee identification numbers.

Non-public or sensitive information should be secured all all time. When in printed form, it should be physically secured when not being used. In electronic form, the data should be encrypted, especially if the storage device is not in a secure facility, such as a laptop or other mobile device.

You first need to know what information is considered sensitive. In general terms, this will be any information that is not readily available to the public, such as employee identification numbers.

When sensitive information is transferred from one person or location to another, it should be done through a secure mechanism, such as an encrypted filed sharing system. DO NOT attach a document with sensitive information to a non-encrypted or plain text email.

Archiving is the long-term storage of information. This storage may be electronic or physical. Like other storage, it should be physically secure or be encrypted. In addition to security, archived items will often include a specific retention period.

When sensitive information is no longer needed, it can be destroyed. For paper documents, this destruction should be via a means that does not allow the information to be put back together, such as using a cross-cut shredder. Documents should be physically secured pending description. Electronic media should be erased and overwritten so that the data is not retrievable.