Reminder: Keep Removable Devices Containing Restricted Data in Secure Location - 04/8/10

If electronically stored, computer-based “restricted” information is saved to a portable device, such as a CD or USB or flash drive, the device must be kept in a secure location when not in use, according to the Security Requirements for Handling Information. The data handling requirement also applies to restricted documents that have been scanned to a portable device.

The June 25, 2007, Business Services Data Security Requirements Memo from James S. Almond, vice president for Business Services and assistant treasurer, states that prior to saving restricted or personally identifiable information to removable drives, Business Services staff must first obtain approval of the department head.

For more information about proper data handling, please see the Electronically Stored (Computer-based) Information page on the SecurePurdue Web site.