Information for handling important data.
Data Handling Principles
Information plays an extraordinary role in the College's educational, research, operational, and community outreach missions. Every department, faculty, student, and staff member may have some degree of access to regulated, sensitive or confidential information. As such, each person and office is expected to follow these principles for handling confidential data:
- Be conscious and selective of the data you are collecting and retrieving. When pulling reports from data sources, only select the data that is needed, do not just select all.
- Keep the number of files that you store that contain sensitive data to a minimum. Try not to store copies of data that can easily be retrieved from a database or other mechanisms.
- Safeguard information that is in your control. Because of risk of loss or theft, sensitive data should not be stored on laptops, flash drives, or mobile devices unless properly encrypted.
- Collect the least amount of data as necessary and store for the least amount of time necessary. Properly delete digital files by emptying the recycle bin on your computer and the Deleted Items folder in your mail client. Paper records should be shredded or deposited in a confidential paper repository.
- Be specific when applying permissions on files, folders and SharePoint sites. Grant access only to those individuals that need access.
- Avoid using email to transfer and collect sensitive or confidential data. Store reports, documents and spreadsheets on file shares or SharePoint sites and grant access via permissions.
- Do not distribute confidential documents or information to those who are not authorized to view them.