|
CS@Work 2004 March Your Responsibility to Protect Data from Identity Theft |
|
State law now requires that computers with databases, spreadsheets, or other files that contain individuals’ personal information be protected from unauthorized access that could lead to identity theft. UC Davis has developed guidelines to implement the provisions of this state law. These guidelines apply to data that include an individual's first and last names in combination with any of the following: If you do need to maintain such protected data go to http://security.ucdavis.edu/idtheft_docs/id_doc_full.pdf to learn the complete UCD guidelines. In general the guidelines advise you to know what information you have, where it is located, and who is responsible for the computer system that holds the protected information. You must physically and administratively secure this computing system, and you must monitor its use. If the computing system is compromised by an unauthorized individual, you must remove the system from the network immediately. If it suffers a security breach you must notify the appropriate person at UC. As you can see, the steps to prevent identity theft are fairly significant. Whenever possible, avoid setting up new computer systems that maintain personal information, and reduce the number of existing computer systems that provide access to this information. In other words, if you don't have to keep this personal information, don't. More information about identity theft prevention can be found at: http://security.ucdavis.edu/id_theft101.cfm
|
