Handling of Personal and Confidential Information
During the course of their work, Sponsored Programs staff will deal with personal and confidential information.
Types of information that classify under this category can be:
- Credit Card Data:
- Social Security Nummbers (SSN)
- Personnel Information
- Information that relates to a person's health
Sponsored Programs staff must ensure that these types of information are processed securely and remain confidential:
Credit Card Data
- Do not keep complete credit card numbers or copies of credit card payment slips containing the complete credit card number on file.
- Do not enter or store credit card numbers in departmental databases, including computer hard drives, CD’s, disks, and other external storage media.
- Do not transmit credit card data via e-mail or the internet unless the connection is secure or the information encrypted.
- Shred any existing paper documents that contain complete credit card data. Do not discard in the trash.
- Delete complete credit card data from existing electronic databases, including computer hard drives, CD’s, disks, and other external storage media.
- Do not publicly display complete credit card data or leave unattended, even on your desk or the desk of a co-worker.
- Do not disclose credit card data.
All other confidential information:
- Do not discuss or disclose any confidential information with anyone else, unless it is absolutely necessary for business purposes.
- Do not leave any confidential information unattended on your desk. If you have to keep confidential information overnight, ensure that it is locked in your desk or any other safe place.
- Process confidential information as soon as possible and forward the information to the intended recipient.
- Do not keep any copies of confidential information or enter the information in your computer.
Sponsored Programs staff dealing with personal and confidential data are required to attend an annual training regarding the subject.