Protecting Personally Identifiable Information – Part 2

Two weeks ago we saw ways to identify phishing messages and last Monday we learned how important it is to protect personally identifiable information (PII). We are going to continue the discussion of PII today.

Avoid storing personally identifiable information on cell phones or removable media.

These items can be easily lost and the PII can get into the wrong hands. If a college employee would lose a device with a document containing a list of students or alumni with their names and Social Security numbers it could cost the college thousands of dollars! We are obligated by various state and federal laws to notify each person that their information has been lost. We are also obligated to notify a government agency in EACH state where the students or alumni live. We may also have to pay for credit reports for each of them. And last but not least, we may have to pay fines to state and federal agencies.

What can you do to protect information on these devices?

1. Don’t put Social Security numbers into a report unless it is absolutely necessary.

2. Don’t send a report with Social Security numbers or other PII via email unless it is absolutely necessary.

3. Be sure each of your cell phones has a passcode. College employees are required to install Airwatch on their college-issued cell phones. We highly recommend you put a passcode on your personal cell phones also.

4. If you must store PII on removable media, it should be encrypted and/or password protected and it should be erased as soon as you are finished using it. Click on the links to see these articles in the ITS Knowledgebase with information on password protecting Word or Excel files.

Please practice safe computing.