Follow these instructions to delete or secure personal information.
1. Locate personal information identified on the log.
2. If you don't need a file with personal information, delete it.
3. If you can’t delete a file, secure the personal information.
1. Locate personal information identified on the log.
Your goal is to look at each file shown on the log and determine how best to handle it. Digging through the log takes some time. Spider will identify some false positives, that is, files that do not actually contain personal information.
Every effort should be made to verify Spider's results before deleting, moving or encrypting files.
When you find files with Social Security, payment card or Arizona driver’s license numbers, continue to the next section below.
WARNING: The Spider log file can point directly to some very sensitive information. As a result, the log file must be deleted when you have finished searching it to ensure it is not used by an unauthorized person.
The UNIX version of Spider does not include a Log Viewer. Instead, you must:
- Examine /tmp/spider.log.
-
Using the file path given in the log file, locate the file.
-
Open the file.
-
Determine whether it contains personal information.
-
Continue to 2 or 3 below.
2. If you don't need a file with personal information, delete it.
IMPORTANT NOTE: If you have received a preservation notice (litigation hold letter) from the Office of the General Counsel, contact the Office of the General Counsel before making any changes.
Return to Step 2 for information on how to determine whether to retain or dispose of a file. You must have a business need to store personal information. If you can access the personal information from the official source when you need it, dispose of it.
Be careful not to delete system (program) files.
3. If you can’t delete a file, secure the personal information.
Personal information should be retained only if there is a business need for it. If you can access the personal information from the official secured source when you need it instead of keeping it yourself, dispose of it.
Select from the following options:
- Option A: Transfer files with personal information to a CD, DVD or flash drive and physically secure it
- Option B: Separate the number from the associated name
- Option C: Truncate the number to the last four digits
- Option D: Replace all but the last four digits with filler X's
- Option E: Encrypt personal information
NOTE: As of Fall 2008, SID numbers that are the same as SSNs are no longer in use. If you must store lists or reports with SID numbers from earlier semesters during the record retention period, be sure to secure them with one of these options.
Option A: Transfer files with personal information to a CD, DVD or flash drive and physically secure it
Write files containing personal information to a CD, DVD or flash drive and secure it behind a locked door or in a locked file cabinet.
Delete the files from your computer, then empty the computer trash folder or recycle bin. See the File Deletion Guideline for information on secure file deletion.
Additional rules apply to information relating to payment cards that your unit accepts as payment for goods or services.
Option B: Separate the number from the associated name
Delete the the first name or initial, or the number, from the file. In a spreadsheet, highlight the column with the numbers you want to remove and delete it.
Option C: Truncate the number to the last four digits
Delete all but the last four digits of the number.
Option D: Replace all but the last four digits with filler X's
Option E: Encrypt personal information
If you cannot find any other alternative to storing personal information and you have a business need for it, encrypt it. Encryption is an effective way to protect files, especially from being opened and viewed on a hacked or stolen computer. Refer to the Encryption Guideline for recommendations regarding encryption products and procedures. Coordinate encryption measures with local IT staff.
Encryption carries several risks. Encrypted information may not be recoverable if your computer’s hard drive fails. Consistent back up practices are highly recommended.
To read an encrypted file, you must have access to a secret key—or password—that enables you to decrypt it. Some encryption methods carry the risk of permanent loss of information if the key is lost. USE WITH GREAT CARE. Be sure to follow your unit's key management plan. If your unit does not have a key management plan, encryption keys must be delivered to your supervisor or a person designated to retain them.
|
Step 9 - Comply with applicable standards
|
