Welcome By and by Identifiable Data (PII) Security Preparing for Information Stewards.


75 views
Uploaded on:
Category: Medical / Health
Description
Limit access to PCs and other electronic gadgets that store LPro or LSen information in electronic structure ... When the sum total of what PCs have been checked and their logs evaluated, fill ...
Transcripts
Slide 1

Welcome Personally Identifiable Information (PII) Protection Training for Data Stewards

Slide 2

Goal The reason for now\'s preparation project is to acquaint you with an accumulation of strategies intended to secure Personally Identifiable Information (PII) and to your part and duties as a Data Steward. Information Steward Training

Slide 3

Learning Objectives: As a consequence of taking part in today\'s project you will: Learn about Loyola\'s Personally Identifiable Information (PII) Protection program Gain a superior comprehension of your part and duties as a Data Steward Acquire a rundown of instruments and assets that can bolster you in your part as a Data Steward Data Steward Training

Slide 4

Agenda The Challenge of Protecting PII Loyola\'s Process for Protecting PII Your Role in Protecting Loyola\'s PII Tools and Resources Data Steward Training

Slide 5

Guidelines Program length: a hour Ask questions – take an interest Data Steward Training

Slide 6

Protecting Personally Identifiable Information Data Steward Training

Slide 7

Data Steward Training Loyola as of late endorsed arrangements covering territories: Data Classification Loyola Protected & Sensitive Data Identification Physical Security of Loyola Protected & Sensitive Data Electronic Security of Loyola Protected & Sensitive Data Disposal of Loyola Protected & Sensitive Data Loyola Encryption Compliance Review Data Breach Response

Slide 8

Data Steward Training All information delivered by representatives of Loyola University Chicago over the span of University business will be named one of these three sorts of information: Loyola Protected Data Loyola Sensitive Data Loyola Public Data (Definitions on next slide)

Slide 9

Definitions Loyola Protected information (LPro information) Protected by Federal, state, or neighborhood laws Includes SSNs, charge card numbers, financial balance data, driver\'s permit numbers, individual wellbeing information, FERPA information, and so forth Loyola Sensitive information (LSen information) Not secured by laws, however data that Loyola would not convey to the general population Determined by the division that made the information Loyola Public information (LPub information) Information that Loyola is happy with dispersing to the overall population. Information Steward Training

Slide 10

Role & Responsibilities for Data Stewards Data Steward Training

Slide 11

The essential duty of an information steward is to help their specialty recognize areas of Personally Identifiable Information (PII) The information steward will likewise deliver documentation utilized by ITS and your specialization demonstrating where PII is situated in the office Data Steward Training

Slide 12

Responsibilities Identify PCs that store or get to Loyola Protected or Loyola Sensitive information Conduct frameworks filter like clockwork Use programming checking apparatus that banners conceivable LPro data Record data from the examining programming device in a spreadsheet for ITS and your specialty Fill out the office\'s Data Security Compliance Review shape and submit to ITS Data Steward Training

Slide 13

Responsibilities Act as an asset for your specialization by giving data about the strategies and their effect Conduct presentations as expected to bring issues to light Sample presentation: http://www.luc.edu/its/pdfs/dspresentation.ppt Data Steward Training

Slide 14

Changes in how your specialty handles Loyola information Data Steward Training

Slide 15

Changes for Paper archives Limit access to office workspaces that store LPro or LSen information in paper structure – your specialization ought to: Create a rundown of people with access to confined ranges; give Campus Security a duplicate of the rundown Require an identification or key to get to those regions Allow no free to those regions Acquire/use endorsed shredders to discard records Limit access to printers and faxes Properly store LPro or LSen archives; abstain from leaving LPro or LSen data on work areas and other work territories when nobody is available Data Steward Training

Slide 16

Changes for electronic archives Restrict access to PCs and other electronic gadgets that store LPro or LSen information in electronic structure LPro or LSen information can\'t be put away on PCs or electronic gadgets that are not scrambled ITS will give directions to introducing the encryption programming for those clients that need it Data Steward Training

Slide 17

Preferred stockpiling for remote access LPro or LSen information favored capacity for remote access Network drives (VPN + Remote Desktop) Laptop w/encryption programming PDA/Blackberry/Smartphone w/encryption programming Portable drive w/encryption programming CD/DVD/plate as an encoded document Data Steward Training

Slide 18

Disposal of LPro or LSen information Paper – Shred either through destroying administration or affirmed individual shredder (Purchasing has rundown of affirmed shredders) Electronic – Contact ITS for legitimate transfer If taken outside of Loyola, either discard as above or take paper/gadget back to Loyola for appropriate transfer Data Steward Training

Slide 19

Encryption of information Electronic information exchanges must be secured If you have to send touchy information by means of email, please contact ITS for data on sending encoded messages LPro or LSen information on physical media (CD, convenient drive, and so on) must be encoded ITS will help with arrangement and preparing for office particular issues on an as-required premise Data Steward Training

Slide 20

Report conceivable ruptures/exposures Call 86086/773-508-6086 Email datasecurity@luc.edu Go to unknown reporting page at http://www.luc.edu/its/security/data_security_form_anonymous.shtml Data Steward Training

Slide 21

Split into 4 stages ITS pilot Sullivan Center pilot High-hazard regions (HR, Finance, and so on) Rest of the college Main correspondence exertion will happen before the 4 th stage – college wide organization University Deployment Plan

Slide 22

Town lobby gatherings Inside Loyola Weekly Separate email impact to all staff Communications particularly focusing on workforce Communication Strategy

Slide 23

Give a presentation to my specialization about this? Play out the filtering bit? Introduce the encryption programming? Round out the printed material? Get different inquiries replied? How Do I … ?

Slide 24

Give a presentation to whatever remains of my specialty? Suggested so they will have a superior comprehension of how they can secure PII and other delicate information Complete presentation accessible at http://www.luc.edu/its/pdfs/dspresentation.ppt Please send any inquiries you can\'t reply to ITS ( DataSecurity@luc.edu or x86086) How Do I… ?

Slide 25

Perform the checking segment? Send an email to everybody in your area of expertise requesting that they go to Loyola Software - > Useful Tools - > Spider Scanner This will introduce and run the filtering programming The procedure can take a hour or two, yet the client can keep utilizing their machine while it works Program will naturally close when done How Do I… ?

Slide 26

Install the encryption programming? Close all open projects Go to Loyola Software - > Useful Tools - > SafeGuard Easy Install Machine reboots a few times Login, sit tight for machine to reboot twice all the more Close encryption picture and login Verify red symbol on hard drive, logout or lock machine yet LEAVE IT POWERED ON! You can utilize your PC while it scrambles, however it will run all the more gradually until the procedure finishes How Do I… ?

Slide 27

Fill out the printed material? Two unique structures to finish While checking on the arachnid log with the client, round out the PII Tracking.xls spreadsheet Once the sum total of what PCs have been filtered and their logs audited, round out the Data Security Compliance Review structure accessible at http://luc.edu/its/pdfs/gov_PIIP/Personal%20Information%20Protection%20Compliance%20Review.pdf (the last page) How Do I… ?

Slide 28

Get different inquiries replied? Call/Email/Stop By Joe Bazeley jbazele@luc.edu DataSecurity@luc.edu 773-508-6086/86086 Granada Center room 235 How Do I… ?

Slide 29

Tools and Resources ITS Contact Joe Bazeley jbazele@luc.edu 773-508-6086/86086 Policies Presentation – include joins Reporting breaks Anonymous reporting page at http://www.luc.edu/its/security/data_security_form_anonymous.shtml Email datasecurity@luc.edu Data Steward Training

Slide 30

As a Data Steward you assume an essential part in guaranteeing that your specialty is in and stays in consistence with Loyola\'s strategies for ensuring PII and other touchy data Summary

Slide 31

Responsibilities Be an asset to your specialization by giving data about these arrangements and their effect Sample presentation accessible at http://www.luc.edu/its/pdfs/dspresentation.ppt Conduct sweeps of division media at regular intervals Check yield of LPro/LSen information location instrument on every individual\'s PC Provide synopsis data on LPro/LSen information to ITS and your specialty Fill out office\'s consistence structure for ITS Summary

Slide 32

Badge/key access limitations Printers and faxes in secure ranges Use endorsed shredders Secure work area when not around Encryption of PCs Cannot store LPro or LSen information on decoded PCs Store documents on system drives for remote access Summary

Slide 33

Questions? Information Steward Training

Slide 34

Thank you for Your interest Data Steward Training

Slide 35

Short form of introduce procedure: Close open reports Launch program Wait a few minutes, login Wait a few minutes, close picture then login again Log out or bolt PC, yet abandon it fueled on Full Disk Encryption Install Demo

Recommended
View more...