Revision of Business Practices

 


 

 

In order to eliminate or minimize the use of sensitive data as much as possible, UWSP needed to revise existing business practices that currently use sensitive data. A primary goal is for an employee to never again have to share their personally sensitive data once they have been through the UWSP new hire process. To accomplish that goal, we have revised our electronic systems and forms by replacing the use of Social Security Number (SSN) with employee or student identification number.

Business Practices:

  • Created a new process to replace our current method of gathering personally identifiable information from new employees.

  • Created a procedure whereby employees who need to store sensitive data can request authorization from campus Data Stewards.

  • Created an application that allows authorized employees to query sensitive data when required for payroll, personnel or other business purposes.

  • Identified and revised major forms and processes (e.g. Personnel Appointment Forms (PAFs) and Travel Expense Reports (TERs)) to eliminate the use of sensitive data.

  • Shared best practices for disposing of and physically protecting non-electronic sensitive data with all employees in a Confidentiality Agreement including:

    • Shredding non-electronic records containing sensitive data with approved document shredding techniques.

    • Protecting non-electronic sensitive data in locked vaults, cabinets, etc.