The difficult aspects of data processing are adequate data security. If the organisation acquires, uses, preserves or accesses information, it accepts a responsibility to protect that information. It is the duty of units and personnel to ascertain that their activities do not expose data to excess risk, and those who allow us to use their data.
When handling data security, consider the following:
- Which data or device must be encrypted in order not to be disclosed?
- The details, devices, or paper documents must be securely disposed of.
Guidelines for data protection
Follow these guidelines when handling data protection:
Dispose of information, computers, and paper records securely.
If the data is no longer useful for company related purposes, it must be properly disposed of.
- To be sure that it cannot be retrieved and misused, confidential data, such as identification numbers, must be safely erased.
- To ensure their previous content cannot be retrieved and misused, computers that have been used for company related purposes or otherwise utilised to store confidential information must be destroyed or safely deleted.
- Paper documents containing classified information should be shredded into garbage or recycling containers rather than discarded.