Data Privacy Month Tip of the Week:
Protect Personal and Organizational Sensitive Information

Any time information is transferred, find secure ways to protect sensitive or personally identifiable information, leaving only what is truly necessary to accomplish a task.

Store information in locations that can be accessed securely, such as SharePoint.

Beware of using unencrypted thumb drives, external drives, flash drives, and consumer services, such as Dropbox to store and transfer sensitive information.

What is Sensitive Information?

• Personal Identity Information: PII includes information that, alone or in combination, is linked or linkable to a specific individual and would allow a reasonable person to identify you with reasonable certainty: name, mother’s maiden name, address, date of birth, social security number, and parent’s names.
• Health Care Records and Medical Privacy: The privacy of health care records is protected by federal law, specifically under the Health Insurance Portability and Accountability Act (HIPAA).  This rule requires covered entities to protect individuals’ health records and other identifiable health information.
• Student Records: Family Educational Rights and Privacy Act (FERPA) is a Federal law that protects the privacy of students’ education records or the records that contain information directly related to a student.  Education records do not include such records as alumni records.

For more information and questions about information privacy or any of the resources featured in this email, please contact iso@barry.edu.