Data Protection

Data Protection

UW-Parkside employees deal with sensitive data on a daily basis. Hackers and other nefarious actors would consider data such as parents' tax returns, student images, grades, and employee data a treasure trove of information. Federal and State laws require that employees protect sensitive data. 

Service or System\Data SensitivityFERPA
(Education Records)
HIPAA
(Health Records)
Personal Data
(SSN, etc)
Human
Subjects
Credit Card &
Banking Data
Other Sensitive
Data
Email & CalendarLimited ProhibitedProhibitedLimitedProhibitedLimited
Hard Drive & Flash Drives*ProhibitedProhibitedProhibitedProhibitedProhibitedProhibited
Web Storage (Dropbox, Box, etc)**ProhibitedProhibitedProhibitedProhibitedProhibitedProhibited
UWP File Shares and ServersLimitedLimitedLimitedLimitedProhibitedLimited
UWP SharepointLimitedLimitedLimitedLimitedProhibitedLimited
UWP OneDrive (future)LimitedLimitedLimitedLimitedProhibitedLimited
Qualtrics Survey ToolLimitedProhibitedProhibitedLimitedProhibitedLimited
Learning Management System (LMS)LimitedProhibitedProhibitedLimitedProhibitedLimited
UW/UWP Web and Video ConferencingLimitedProhibitedProhibitedLimitedProhibitedLimited
Non-UW Web and Video ConferencingProhibitedProhibitedProhibitedProhibitedProhibitedProhibited
Personally Owned Computers ***ProhibitedProhibitedProhibitedProhibitedProhibitedProhibited
Document Imaging SystemLimitedProhibitedLimitedLimitedProhibitedLimited
Other Third Party System ****ProhibitedProhibitedProhibitedProhibitedProhibitedProhibited

* Computer hard drives may be used with high level of caution for brief storage of sensitive data, such as when transferring files or when an application requires it

** Some UW institutions have signed contracts with providers such as Box.net. Using those services when contact is initiated by such institutions is allowed.

*** Personally Owned Computers may be allowed to access sensitive data via authorized remote secure tunnel connection

**** Third party systems may not store sensitive data except where the system owns such data (e.g. EMR system manages health/HIPAA protected records)

Even when sensitive data is allowed to be stored caution must be exercised. You may send, store or share the sensitive data type with a particular service if the data owner and your department/unit policies permit you to do so. For additional information, contact the CTS Information Security Officer or the campus FERPA official.

Security Tools

Identity Finder

UW-P's security policies and best practices require sensitive University data to be stored on Campus Technology Services (CTS) managed file shares. This minimizes the risk of University data being compromised and accessed by unauthorized individuals as a result of a local computer workstation security breach (such as a virus). CTS has deployed security software, Identity Finder, on employees' computers. This software is designed to assist with finding and removing or relocating files with sensitive data (such as SSNs) away from the hard drive. As part of security compliance process regular reports will be produced that identify the amount of sensitive data stored on all University workstations. Employees are encouraged to run the Identity Finder tool on computer's hard drive and proactively remove or relocate files with sensitive data. For instructions please visit this knowledgebase page.

BitLocker

All new campus PCs are issued with the BitLocker tool enabled. This tool protects the computer's drives so that the data on them are nearly impossible to access by thieves should the computer or the drive be stolen. Consider enabling BitLocker on any personal PCs also.

Desktop Lockout

All campus PCs are now set to lock the screen after 10 minutes of no activity. This helps ensure the protection of the data on the computer or on the network.

 

 

900 Wood Road · P.O. Box 2000 · Kenosha, WI 53141-2000 P 262-595-2345

Who Are You?

Tell Us