Return to: Academic Health Center : myAHC : U of M Home
Gold University of Minnesota M. Skip to main content.University of Minnesota. Home page.
One Stop | Directories | Search U of M 
 
Privacy and Data Security

What's inside.

What is Private & Public Information

Tips for Securing Private Information

Security Requirements & Policies

Training Opportunities

Resources and Tools

Who to Contact

   

Privacy and Data Security Home
 
  Home

Tips for Securing Private Information
Have a Question?
The University takes security of private information seriously. Members of the University community have a legal responsibility to protect private information regardless of its format.

Private information can be organized into one of the following three groups.

Electronic Information
Printed Information
Verbal Information

The following is a checklist to help you safeguard private information. Print this page and use it to help ensure you are taking the necessary steps to prevent disclosure of private information.

Electronic Information

Using Your Computer or Other Devices

Use a screen saver password.
Use strong passwords. Password Guidelines
Do not share passwords with others.

Use secure file servers to store private information and limit storing it on the "C" drive.
Back up my files regularly.
Use a Virtual Private Network (VPN) when connecting from off-campus.
Never use public computing devices when working with private information.
Never use email for private information unless it is known to be secure.
Do not click email attachments to open them unless you are expecting them.
Don't download software from the Internet of unknown origin and/or unknown security.
Turn your computer off if you will not be using it for several hours.

Configuring Your Computer and Other Devices

Use current anti-virus software supplied by the University free of charge. University agreements with anti-virus vendors.
Install a good anti-virus program, update it regularly and scan often.
Configure daily automatic updates for the anti-virus software
Configure automatic installation of software security patches from the vendor for the operating system and other software.

Use a personal firewall. See software firewalls.

Encrypt private data sent across open networks such as the Internet or unprotected wireless connections.

Configure security log files of sufficient size to hold several weeks of activity.

Using Public Computers

Never access private information using a public computer of any kind.
Always log out of all applications and computers after using them to prevent someone from accessing files on the network from the same computer.
Never leave a computer unattended.
Delete all files you have saved to public computer hard drives before leaving.
Remove all diskettes or other storage devices.

For more ways to protect private information, view the 13 "Baseline Requirements to Protect Private Data" in the Protecting Private Data Standard

[Back to top]

Printed Information

Always keep private information in a secured area
Always retrieve copies, faxes, and printouts immediately.
Recycle paper containing personal information only in a secured recycle bin

Always shred paper containing personal information.

Destroy paper according to University Guidelines: http://recmgmt.finop.umn.edu/recorddestruction.html
Know who I am transmitting (faxing, mailing, emailing) private information to before sending it.

[Back to top]

Verbal Information

When talking to someone about their private information in a public space, be discreet, lower your voice and try to avoid embarrassing details that could be overheard.
Do not share workplace stories if they pertain to someone else's personal information.
Only discuss someone's personal information with a co-worker or supervisor if they are authorized.

[Back to top]

A Little More About Passwords

Strong password characteristics:

  • Use a MINIMUM of 7 or more characters (system permitting).
  • Use mixed case wherever possible. Use uppercase on more than the first letter.
  • Include at least two digits or punctuation characters.

Strong password examples:

  • AEM*mn8
  • MMLJ12d
  • RX7!xj5

When you create passwords, remember the following tips:

  • Do not write them down. If you have to, write down hints such as questions to help you remember them.
  • Do not keep information about your passwords in your desk or near your computer.
  • Never save a password to a hard drive or Web site. If prompted to save a password, always say no.
  • Change your passwords when prompted
  • NEVER share a password, even with a co-worker or support staff.
  • NEVER use a password for private information that you use for other activities, such as purchasing products on the Internet.

[Back to top]

For More Information

Safe Computing at the U

Protecting Private Data Standard

OIT Desktop Security Check Up

Securing a University Owned Machine

Tips for Choosing a Password
Feedback | Notice of Privacy Practices | AHC Intranet
 
©2004 Regents of the University of Minnesota. All rights reserved. Trouble seeing the text? | Contact U of M | Privacy
The University of Minnesota is an equal opportunity educator and employer.  Last modified on September 29, 2004