When the discussion of confidentiality of information comes up, typically the discussion revolves around the exposures created via computers, the internet, and all the related technology surrounding those types of things. Last month's Case-in-Point addressed these issues and ways you can protect data from a technology standpoint.
While technology can expose large volumes of data rapidly, it is important to remember we can lose or expose data the old fashioned way. Confidential data that is on paper and left in public places or in unsecured work spaces can also be used for nefarious purposes. Another way data can be exposed is through simple conversation. Discussions in the hallway or at lunch can potentially expose information or data that is protected by policy or statute. So while technology is important, don't forget to think about what is written or being said and who might be looking or listening.
Earlier this month, Robert Gottesman, our Information Systems Auditor, posted on the Internal Auditing website a white paper of best practices involving data protection. This document runs the gamut from the old fashioned ways we can lose sensitive data to the latest technological risks included along with what we believe are current best practices. We suggest you review this document and consider the protection of data with which you routinely work. If you have any questions, certainly, let us know.
As we see each month, the risks within higher education is vast and diverse. We again invite you to review the latest events within our industry and consider whether you have similar risks or opportunities for proactive management before the crisis occurs.
Last Updated: August 29, 2014