TEN Easy Procedures to Protect Sensitive Data—How Many do You Practice?

As school district employees, we are all given access to some type of sensitive or confidential data. This data may pertain to students, parents and/or employees. Regardless of what type(s) of, or how much data you can access, it is your responsibility to protect this data and make sure it is not shared with or accessed by unauthorized personnel. Below is a list of 10 simple procedures that will go a long way towards protecting sensitive/confidential data.

CONVERSATION
1.  Don’t discuss sensitive data in the presence of unauthorized personnel. If they are       not authorized to view sensitive data, then they are not authorized to hear about it either.

PAPER DOCUMENTS
2.  Don't share sensitive documents with unauthorized personnel. This includes        allowing them to view documents as well as giving them copies of documents.

3.  Store sensitive documents in a lockable file cabinet or drawer.

4.  Shred documents before disposal. Simply throwing away documents makes sensitive data       subject to unauthorized viewing.

COMPUTER
5.  Don’t allow others to view your computer programs unless you’re there to monitor       activity and operate the computer. This could lead to unauthorized viewing of sensitive data as       well as misusing sensitive data under your name.

6.  When away from your desk area, lock your computer. This will keep unauthorized        personnel from accessing and using your computer.

7.  Don’t save sensitive data directly to your computer. This includes places such as your       desktop, My Documents folder or your hard drive (C-drive). If your computer is stolen, any       sensitive data stored there will be accessible by the thief and anyone else who touches that       computer. Also, do not save sensitive data to external storage devices such as thumb drives, CDs       and “clouds.” Thumb drives and CDs can be stolen  and "clouds" can be hacked.

8.  If you have to save sensitive data, save it to a protected folder on the SBISD      network. This includes your SAN Folder (H-Drive) as well as your shared folders.

PASSWORDS
9.  Don’t share your passwords. In fact, it is a direct violation of district policy to do so. If a        substitute (or anyone else) needs access to programs such as Skyward or MUNIS during your        absence, arrange with Technology Services to get them their own password.

10.  Don’t store your passwords on your computer or any locations where others can        see them.