Printer-friendly version

Sensitive Information Policy


No employee, student or campus affiliate of the State University of New York
at Potsdam may store personal, private or sensitive information including
but not limited to Social Security Numbers, Credit Card Numbers or other financial data belonging to any other employee, student or
affiliate without the expressed, written consent of the campus Information
Security Officer or a designated delegate.

CTS periodically scans the following data sources for the presence of SSN's
and credit card numbers. If you have any questions about this process,
or believe a false positive has occurred, please contact
helpdesk@potsdam.edu.

  1. Helios Administrative Shares - If sensitive information is found, the file(s)
    are encrypted and moved to secure storage. CTS Banner programmers
    are notified and will follow up if appropriate.
  2. Helios Home
    Shares - If sensitive information is found, the file(s) are encrypted
    and moved to secure storage, and users receive an explanatory email.
  3. Email files - If sensitive information is found in email text, the numbers
    are redacted (x'd out) and there is no user notification. If sensitive
    information is found in attached files, the file(s) are encrypted
    and moved to secure storage, and users receive an explanatory email.
  4. Desktop / Laptop Computers - If sensitive information is found, user will
    be contacted by a CTS representative.
  5. Banner servers - If SSNs are found, the file(s) are encrypted and moved to secure storage. CTS Banner programmers are notified and will follow up if appropriate.