Presentation is loading. Please wait.

Presentation is loading. Please wait.

Handling Information Securely

Published byΤρύφων Αβραμίδης Modified over 5 years ago

Similar presentations

Presentation on theme: "Handling Information Securely"— Presentation transcript:

1 Handling Information Securely
Information Management

2 Introduction It is important to consider how you handle information at all times no matter where you are. The presentation covers some good practice and risks associated with handling information in different environments.

3 In the Office (1) Lock sensitive personal information away when leaving your desk. This reduces the risk of unauthorised people accessing the information. Lock your computer when leaving your desk. This reduces the risk of unauthorised access. 'Cntr + Alt + Del' on work machines using Windows - your network username and password will then unlock it. Do not discuss sensitive personal information in front of people who are not authorised to hear it. This reduces the risk of unauthorised people overhearing information that either may effect them or that they could use.

4 In the Office (2) Check when printing that your documents have printed completely. This reduces the risk of sensitive personal information being accidently left and read by unauthorised people. Dispose of sensitive personal information using a confidential waste bin. This reduces the risk of unauthorised people accessing the information.

5 At Home (1) Ensure that you have authorisation to take sensitive personal information home. Only take the minimum amount of information needed to do your job. Ask yourself whether you really need to take everything. Ensure that you store sensitive personal information out of sight in a secure location in your home. Secure locations include a safe or lockable cupboard. If you don’t have either of these then store it out of sight in your bedroom when not in use. Separating paper documents from your laptop reduces the risk of paper files being stolen in the event of a burglary. When working on paper documents ensure they are not left unattended, and put them away if you are not working on them.

6 At Home (2) If working on your work laptop ensure that you lock your computer when leaving it unattended. ('Cntr + Alt + Del' on work machines using Windows - your network username and password will then unlock it.) Do not allow other people to access your work laptop as this is classified as unauthorised access. Do not dispose of documents containing sensitive personal information at home, ensure that you always take it back to the office and use a confidential waste bin.

7 On the Move Don’t leave sensitive personal information in full view and unattended. Put it out of sight somewhere secure This will reduce the risk of unauthorised people getting access to information they are not entitled to. Always transport sensitive personal information in a closed and preferably locked bag or case. It will be more secure and might deter someone from taking it I the first place. The ICO also recommend that you don’t use a valuable or designer bag that would attract the attention of a thief. If possible put files/laptops in the boot of your car before you leave base. Otherwise you might be seen hiding them and possibly tempt someone to take them. Never leave them in view when away from the car. It’s preferable to keep them with you – but if it’s safer to leave them – leave them in the boot. (See below) Never ever leave them in the boot overnight

8 On the Move (2) Perhaps when visiting a client or in a communal setting. But it should be the exception. You need to judge what’s the best way to protect the information you are carrying in any particular situation. Think ahead and plan if you can. Do you need it all? Do you really have to do your shopping on the way? Think carefully before accessing personal, confidential or sensitive work information in a public place including when on public transport.  It's easy for other people to see what you're working on. It's the same whether the information is on paper or electronic devices. Be careful with phone calls when in public places – If you are discussing sensitive issues don’t reveal too much personal information Be discreet, use initials or just forenames and try to reveal as little sensitive detail as possible.

9 Online Ensure that information you publish or post online does not disclose the identity of service users. This helps to prevent the inappropriate disclosure of information and keep service users information safe online. Remember that information you publish online is visible to a large audience and your views may be seen to represent the Council. Bear this in mind when using the online channels for work and make sure that personal and sensitive information is not disclosed inappropriately. If you get spam or suspicious s, never click on any links and delate the as soon as you can. This will help to prevent computer viruses getting onto the network via your computer. If you keep getting spam or accidently click on a link within one contact ICT Services immediately for help and advice.

10 On the Phone (1) When you are on the phone and are discussing sensitive personal information, ensure that consider who is around and who may overhear you. This helps to prevent the inappropriate disclose of information and keep service users information safe. When dealing with a call from a service user, you should verify who they are before disclosing any sensitive personal information to them. Get them to confirm their name, address,  post code, date of birth &/or phone number to you. Please confirm your address and…” not “20 Main Street, LE69, is that correct?” Even when you are calling them – they may not be the only person on that number. Be careful if you are leaving a message – don’t include anything sensitive. Take even more care if it’s a shared (e.g. office) number or answer machine – what if someone else picks up the message and what you’ve said is embarrassing? This will help to prevent the unauthorised disclosure of information.

11 On the Phone (2) When dealing with a call from a customer calling on behalf of a service user, again you should always verify who they are and that they have consent. 1. Take their name, phone number, address and relationship to the service user. 2. You should also verify the customers full name, address, post code and date of birth. This will help to prevent the unauthorised disclosure of information. When dealing with a call from a fellow professional outside of the organisation that you do not know and the call will require the disclosure of sensitive personal information, you should: 1. Take their name, job role & organisation 2. Call back their organisations switchboard number (do not call people back on their direct line). This will help to prevent the unauthorised disclosure of information.

12 Sending a Fax (1) Consider whether sending the information by a means other than fax is more appropriate, such as using a courier service or secure . Make sure you only send the information that is required. For example, if a solicitor asks you to forward a statement, send only the statement specifically asked for, not all statements available on the file. Make sure you double check the fax number you are using. It is best to dial from a directory of previously verified numbers. Check that you are sending a fax to a recipient with adequate security measures in place. For example, your fax should not be left uncollected in an open plan office.

13 Sending a Fax (2) If the fax is sensitive, ask the recipient to confirm that they are at the fax machine, they are ready to receive the document, and there is sufficient paper in the machine. Ring up or to make sure the whole document has been received safely. Use a cover sheet. This will let anyone know who the information is for and whether it is confidential or sensitive, without them having to look at the contents.

Download ppt "Handling Information Securely"

Similar presentations

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
SAFEGUARDING DHS CLIENT DATA PART 2 SAFEGUARDING PHI AND HIPAA Safeguards must: Protect PHI from accidental or intentional unauthorized use/disclosure.

SAFEGUARDING DHS CLIENT DATA PART 2 SAFEGUARDING PHI AND HIPAA Safeguards must: Protect PHI from accidental or intentional unauthorized use/disclosure.
Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.

Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.
1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.

1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.
Opening a bank account.

Opening a bank account.
 When you receive a new email you will be shown a highlighted in yellow box where your email can be found  To open your new email just double click.

 When you receive a new you will be shown a highlighted in yellow box where your can be found  To open your new just double click.
10 Essential Security Measures PA Turnpike Commission.

10 Essential Security Measures PA Turnpike Commission.
HIPAA Privacy & Security EVMS Health Services 2004 Training.

HIPAA Privacy & Security EVMS Health Services 2004 Training.
Practical Information Management

Practical Information Management
ETIQUETTE AND EVIDENCE

ETIQUETTE AND EVIDENCE
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. Emails. Safe browsing for shopping and online banks. Social media.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
Email Information guide.

Information guide.
ESCCO Data Security Training David Dixon September 2014.

ESCCO Data Security Training David Dixon September 2014.
1.1 System Performance Security Module 1 Version 5.

1.1 System Performance Security Module 1 Version 5.
Privacy and Information Management ICT Guidelines.

Privacy and Information Management ICT Guidelines.
PHYSICAL ITSECURITY scope. 1.What is password security?. 2.Why can't I tell anyone my password? 3.What about writing my password down 4.Social engineering.

PHYSICAL ITSECURITY scope. 1.What is password security?. 2.Why can't I tell anyone my password? 3.What about writing my password down 4.Social engineering.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Demi Leigh.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Demi Leigh.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.
ETHICAL ISSUES SURROUND ELECTRONIC COMMUNICATIONS Unit 3.

ETHICAL ISSUES SURROUND ELECTRONIC COMMUNICATIONS Unit 3.
DATA PROTECTION & FREEDOM OF INFORMATION. What is the difference between Data Protection & Freedom of Information? The Data Protection Act allows you.

DATA PROTECTION & FREEDOM OF INFORMATION. What is the difference between Data Protection & Freedom of Information? The Data Protection Act allows you.

Similar presentations

Ads by Google