Protecting Personally Identifiable Information (PII)
Click highlighted text to view this FTC video to see why protecting Personally Identifiable Information is important: Deter-Detect-Defend
Suggestions for protecting Personally Identifiable Information or PII:
- When possible lock file cabinets, desk drawers, overhead cabinets, and any other storage space containing documents with covered account information when not in use.
- Lock storage rooms containing documents with covered account information and record retention areas at the end of each workday or when unsupervised.
- Clear desks, workstations, work areas, printers and fax machines, and common shared work areas of all documents containing covered account information when not in use.
- Documents or computer files containing covered account information will be destroyed in a secure manner. Institution records may only be destroyed in accordance with the Tennessee Board of Regent's records retention guideline, TBR Guideline G-070 Disposal of Records.
- Ensure that office computers with access to covered account information are password protected.
- Ensure that computer virus protection is up to date.
- Avoid the use of social security numbers unless required by external agencies.
- Utilize encryption devices when transmitting covered account information.
- Adhere to the Institution's other policies regarding protecting personally identifiable information.
For further information on the importance of protecting personal information, see the FTC Interactive Guide link in the sidebar to the right.
return to top | previous page | next page