SDPI Key Areas

The Sensitive Data Protection Initiative consists of a set of policies, data cleanup efforts, changes in business practices, and awareness messages all aimed at protecting or reducing the amount of High Risk data (for a definition of what constitutes High Risk sensitive data, see 1031.A and 1031.B of UW System's Administrative Policies & Procedures).

Key Areas:

  • Policies

    These policies provide the foundation of SDPI. They describe what constitutes High Risk data, and the roles/responsibilities we all have in protecting it.

  • Revision of Business Practices

    Reducing the use of SSNs and other sensitive data requires revising forms and existing business practices used by the entire campus.

  • Cleanup of High Risk Sensitive Data

    It is the responsibility of all employees to cleanse their university workstations and laptops of High Risk data that they do not have permission to retain. We have purchased a tool called Identity Finder to help.

  • Protection of High Risk Data

    It isn't always possible to remove the need for High Risk data. In these cases, we try to protect the data using technical or business tools. Network controls, laptop encryption and digital email certificates are some examples of the options we employ here.

  • Awareness

    Periodically, the Information Security Office sends out messages aimed at educating both students and employees about High Risk data and the protection it needs. Bringing awareness of SDPI options available for protecting High Risk data is vital to reducing the risk to UWSP students, faculty, staff and the institution as a whole. Please watch for messages from the Information Security Office in MODs, wallpapers, and direct mailings via campus mail.