FIPPA - Guideline Regarding Security for Personal and Other Confidential Information

Personal and other confidential information should at all times be protected with effective security as described in University policy and Information Security and Privacy Practices.

Personal and other confidential information in electronic form should be kept in a secure server environment with appropriate restricted user rights. If it is outside a secure server environment, personal and other confidential information in electronic form must at all times be protected with properly implemented encryption.

Personal and other confidential information in hard copy form should be kept in a secure institutional environment.  If it is outside a secure institutional environment, personal and other confidential information in hard copy form must at all times be protected with strong, effective security measures.

June 2011