1. When do I need to encrypt data?
2. What are some things I can do immediately to reduce the risk from electronically storing private data?

1. When do I need to encrypt data?
Encryption is a way of hiding the true meaning of data by using a generally accepted mathematical method that cannot be easily decoded. According to University policy, private data stored on laptop computers, transmitted across the Internet, or transmitted using wireless technology must be encrypted. In addition, credit card information is required by contract to be encrypted. Examples of ways to encrypt data are found on the Safe Computing Web site.

Back to Top

2. What are some things I can do immediately to reduce the risk from electronically storing private data?
One easy way to reduce risk is to regularly “houseclean” the data on your computer. Delete data that isn’t needed and archive older data to a CD or other media. Archive to a central secure location or onto media such as a CD. Archiving allows for the very occasional access requirements most people give as their reason for having many years worth of electronic data. Assuming the CD is locked away when not in use, this is a good compromise between deleting the data entirely and storing data because it may be needed some day. If you have large volumes of private data that you access frequently, consider storing that data centrally on a server maintained and secured by University technical support staff.

Complying with all of the University standards for securing private data reduces risk. See the Securing Private Data Standard.

Back to Top