Private Data Protection
Protecting Private Data
When do I need to protect the privacy and security of data?
Any private data stored on laptop computers, transmitted across the Internet, or transmitted using wireless technology must be protected. Extra precautions should be taken with Social Security Numbers and credit card information because of identity theft concerns. Encryption or other secure transmission is required when handling Social Security Numbers in electronic form.
What are some examples of PRIVATE/NON-PUBLIC INFORMATION?
- Social Security Numbers
- Credit card information
- Trade secret or intellectual property
- Individual demographics such as:
- Age, race, ethnicity, gender, citizenship, visa status, veteran or disability status;
- Employee home address/phone; dependent information;
- Personal medical information
- Library use information
- Parking lease information
- Student grades, courses, class schedule; student worker information
- Student discipline, educational services received, test scores, admissions, financial aid records
- Employee performance evaluations
What are some things I can do immediately to reduce security risks with electronic transfer of private data?
Portable devices, such as laptops, cell phones, and tablets, are likely targets for theft and are frequently misplaced. Accordingly, you should not store private data on such devices. If it is absolutely necessary to store private data on a portable device, take extra precautions to ensure that the private data is secured. Encrypt the data if possible, and don't let the device out of your control. Be aware of the physical security of these devices. Having a computer or tablet locked with a password at login is always recommended. Avoid sending private information by e-mail, unless it is absolutely necessary. If you do need to send the information, encrypt the data before attaching it to an email. Contact the Technical Support Center for assistance or for suggestions on secure transfer of information to another person.
NOTE: If you suspect or know that private data is being used or shared inappropriately, refer to the Minnesota State system Breach Notification Standard and contact your supervisor.
- Information in this e-mail is taken from the Minnesota State D2L training modules – Public Jobs: Private Data