Information Protection

• Never leave sensitive data on a computer screen when the machine is not in use (even for short periods of time)
• Guard your password - don't share it with anyone, including others in your department
• Make sure that your antivirus software is up-to-date - this is often done automatically, but you should double-check your machine to be sure
• Only collect and retain sensitive data that is essential to the task at hand
• Delete sensitive data from your desktop machine as soon as there is no longer a business reason to retain it
• Whenever personally identifying information is included in the distribution of data to any downstream users (who still must be authorized to view such data), include notification that the information is sensitive and refer the user to these guidelines
• Be prepared in advance in the event of the need for any immediate notification to the individuals whose personal information is stored
• Make sure that your machine is running with the latest security patches - this is typically done automatically, but please check with your local IT technician to be sure
• If you ever need to print sensitive information, make sure to immediately retrieve your printouts from the printer, and destroy the printouts (via a paper shredder) as soon as you no longer need them