Sometimes we don't need the data stored on our computers to do our jobs. If it's sensitive, it could be at risk of exposure. When personal information is no longer needed for business purposes, it is important to destroy or remove the information from its current location. Another option is to store it somewhere safe, such as in a central database. MA law stipulates that the disposal of records containing personal information be standardized and enforced.
Paper files with sensitive information require the same level of security as electronic files. Use a cross-cut shredder or a service that guarantees safe removal and disposal for any paper files you no longer need. Disposal of paper files is outlined briefly in the WISP. Secure file destruction, such as using a cross-cut shredder or certified shredding service, ensures that hard copy files are never disposed of in regular trash or recycling bins.
Electronic File Destruction
Don't just delete electronic files by putting them in the computer's trash bin. Access to those files may have been removed for the user, but the files could still remain somewhere on the hard drive and be retrieved with a little effort. If you are removing sensitive files permanently from the device, be sure to erase these files securely.
The destruction of electronic files, also called media sanitizing, is not as straightforward as with paper files. Data in electronic format can be placed on various types of media, such as a computer hard drive, external hard drive or flash drive, a mobile device, CD, tape or microfiche, even an audio file, so the method of destruction depends on the media itself.
Redacting Required Records
Redaction/redacting is the sanitizing (removal) of unnecessary information from a file to get rid of the sensitive or private parts. It is more than obscuring or hiding the information. Redaction can be done with electronic files using tools such as Spirion (formerly Identity Finder) and Adobe Acrobat. It can be done with paper files as well by cutting out or blacking out the information so that it is illegible.
DLCs should be familiar with records retention rules so that information is not retained longer than needed. For electronic or hard copy materials that you need to keep locally, but in which you don't need the PIRN, consider "redacting."
For hard copy, redacting means:
- crossing out, cutting out, or covering the information, so that the PIRN is not readable on the original or a copy (Note: text can often still be copied through a single line made with a wide black felt-tip permanent marker, like a Sharpie.)
For electronic files, redacting means:
- clearing the field, deleting the column, or replacing the data with nonsense characters (e.g. xxxxxxxxx) – 'hiding' the field or masking the text does not remove the data.
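The three electronic redaction methods listed above, applied to a CSV export and followed by a check that none of the original values survive in the output. This is an added example, not part of the original guidance; the column name `ssn`, the function names, and the sample records are constructed for illustration.

```python
import csv
import io

# Constructed sample export; the names and numbers are made-up test data.
SAMPLE_CSV = (
    "name,ssn,department\n"
    "Ana Ruiz,078-05-1120,Physics\n"
    "Ben Cole,219-09-9999,Biology\n"
)

def redact_csv(text, column, mode):
    """Redact one column. Returns (redacted_text, original_values).

    mode 'clear'   -> leave the field empty
    mode 'delete'  -> drop the column, header included
    mode 'replace' -> overwrite with nonsense characters
    """
    if mode not in ("clear", "delete", "replace"):
        raise ValueError("unknown mode: " + mode)
    reader = csv.DictReader(io.StringIO(text))
    if column not in (reader.fieldnames or []):
        raise KeyError(column)
    fields = [f for f in reader.fieldnames
              if not (mode == "delete" and f == column)]
    out = io.StringIO()
    # Rows with more cells than the header make DictWriter raise,
    # so unreviewed extra data is never written out silently.
    writer = csv.DictWriter(out, fieldnames=fields, lineterminator="\n")
    writer.writeheader()
    originals = []
    for row in reader:
        originals.append(row[column])
        if mode == "delete":
            del row[column]
        elif mode == "clear":
            row[column] = ""
        else:
            # Fixed length, so the filler does not reveal the value's length.
            row[column] = "x" * 9
        writer.writerow(row)
    return out.getvalue(), originals

def leaked_values(redacted_text, originals):
    """Return every original value that still appears in the output."""
    return [v for v in originals if v and v in redacted_text]

if __name__ == "__main__":
    for mode in ("clear", "delete", "replace"):
        redacted, originals = redact_csv(SAMPLE_CSV, "ssn", mode)
        print(mode, "leaks:", leaked_values(redacted, originals))
        print(redacted)
```

The script produces a redacted copy only; the unredacted source file still has to be erased securely, as described under Electronic File Destruction.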