Archives: Task Managers
-
HIPAA or PHI
—
by
If you handle Protected Health Information (PHI) or Individually Identifiable Health Information, there may be additional tasks to complete. Please contact infoprotect@mit.edu.
-
Anonymize information
—
by
Anonymize information whenever possible and separate access to identified and de-identified data sets. For physical media store identified information in a separate locked file cabinet.
-
Data Retention
—
by
Observe applicable data retention policies upon project completion. Securely delete the information if possible. If you must retain a copy of information at this level, ensure that it remains secure.
-
Secure destruction
—
by
Destroy devices and media that are no longer needed in a way such that no information can be recovered.
-
Data minimization
—
by
Limit the storage and collection of data at this risk level to that which is necessary to accomplish the legitimate purpose for which it is collected.
-
Sponsored research
—
by
If you have received data as part of a sponsored research project, and your contract includes clauses on data security there may be additional tasks. Please contact infoprotect@mit.edu.
-
Multi-factor authentication on Servers and Applications
—
by
Utilize multi-factor authentication for remote interactive user and administrator logins