What are the expectations?
The Minimum Expectations for Protected PII:
1. Take all reasonable precautions to prevent the unintended release of PII.
2. Collect only PII which you are authorized to collect, and at the minimum level necessary to accomplish a required activity.
3. Never use PII to identify individuals in systems or processes unless there is no other possible option.
4. Coordinate with other PII users to ensure the institution as a whole keeps the minimum number of instances of the piece of information (hopefully just one).
5. Never store PII on any workstation, laptop, or other portable device. Store PII only in approved business systems.
6. Use separation of duties to minimize access to information. Review role assignments at least annually to ensure appropriate access to information.
7. Disclose PII only to those with a clear business need and to the minimum number of necessary individuals.
8. Dispose of PII in a secure manner as soon as you are done with it.
