Protecting Yale's data
The Yale University data security initiative is based on five key principles:
Keep only the data you need for routine current business, and safely archive older data and remove it from all computers and other devices (smartphones, laptops, flash drives, external hard disks).
Physical security is key to safe and confidential computing. All the passwords in the world won't get your laptop back if the computer itself is stolen.
Data security is crucial to all academic, clinical, and business operations at Yale. All existing and new business and data processes should include a data security review to be sure Yale data is safe from loss and secured against unauthorized access. If you do not have antivirus software installed, visit the ITS Software Library to download Symantec AntiVirus now. Also, please ensure your operating system software is up-to-date as well.
Create a plan to review your data security status, create routine processes to archive unneeded data, and make sure you and your colleagues know how to respond if you have a data loss or data security incident.
- U.S. Department of Health and Human Services (HHS.GOV) - Guidance on HIPAA Risk Analysis (See the "Elements of a Risk Analysis" subheading)
- U.S. Government: OnGuard Online
- U.S. FTC - Avoiding Identity Theft
- U.S. FTC - Privacy Initiatives
- U.S. FTC - Protecting Personal Information: A Guide for Business