I.T. Confidential Data Procedures


1.0 Overview

Confidential data is typically the data that holds the most value to Greater Saskatoon Catholic Schools (GSCS). Often, confidential data is valuable to others as well, and thus can carry greater risk than general GSCS data. For these reasons, it is good practice to dictate security standards that relate specifically to confidential data.

2.0 Purpose

The purpose of these procedures document is to detail how confidential data, as identified by the
Data Classification Guidelines should be handled. This document lays out procedures for the use of confidential data, and outlines specific security controls to protect this data.

3.0 Scope

The scope of these procedures covers all electronic GSCS-confidential data. Also covered by these procedures are hardcopies of GSCS data, such as printouts, faxes, notes, etc..


4.0 Procedures

4.1 Treatment of Confidential Data

For clarity, the following sections on storage, transmission, and destruction of confidential data are restated from the
Data Classification Guidelines.

4.1.1 Storage

Confidential information must be removed from desks, computer screens, and common areas unless it is currently in use. Confidential information must be stored under lock and key (or keycard/keypad), with the key, keycard, or code secured.

4.1.2 Transmission

Confidential data must not be 1) transmitted outside GSCS network without the use of strong encryption, 2) left on voicemail systems, either inside or outside GSCS's network.


4.1.3 Destruction

Confidential data must be destroyed in a manner that makes recovery of the information impossible. The following guidelines apply:

         Paper/documents: cross cut shredding is required.

         Storage media (CD's, DVD's): physical destruction is required.

         Hard Drives/Systems/Mobile Storage Media: at a minimum, data wiping must be used. Simply reformatting a drive does not make the data unrecoverable. If wiping is used, GSCS must use the most secure commercially-available methods for data wiping. Alternatively, GSCS has the option of physically destroying the storage media.

4.2 Use of Confidential Data


A successful confidential data policy is dependent on the users knowing and adhering to GSCS's standards involving the treatment of confidential data. The following applies to how users must interact with confidential data:

         Users must be advised of any confidential data they have been granted access. Such data must be marked or otherwise designated "confidential."

         Users must only access confidential data to perform his/her job function.

         Users must not seek personal benefit, or assist others in seeking personal benefit, from the use of confidential information.

         Users must protect any confidential information to which they have been granted access and not reveal, release, share, email unencrypted, exhibit, display, distribute, or discuss the information unless necessary to do his or her job or the action is approved by his or her supervisor.

         Users must report any suspected misuse or unauthorized disclosure of confidential information immediately to his or her supervisor.

         If confidential information is shared with third parties, such as contractors or vendors, a confidential information or non-disclosure agreement must govern the third parties' use of confidential information.

4.3 Security Controls for Confidential Data


Confidential data requires additional security controls in order to ensure its integrity. GSCS requires that the following guidelines are followed:

         Strong Encryption. Strong encryption must be used for confidential data transmitted external to GSCS. If confidential data is stored on laptops or other mobile devices, it must be stored in encrypted form.

         Authentication. Strong passwords must be used for access to confidential data. For more detail, see the Password Procedures document.

         Physical Security. Systems that contain confidential data are reasonably secured.

         Printing. When printing confidential data the user should use best efforts to ensure that the information is not viewed by others. Printers that are used for confidential data must be located in secured areas.

         Faxing. When faxing confidential data, users must use cover sheets that inform the recipient that the information is confidential. Faxes should be set to print a confirmation page after a fax is sent; and the user should attach this page to the confidential data if it is to be stored. Fax machines that are regularly used for sending and/or receiving confidential data must be located in secured areas.

         Emailing. Confidential data must not be emailed outside GSCS without the use of strong encryption.

         Mailing. If confidential information is sent outside GSCS, the user must use a service that requires a signature for receipt of that information.

         Confidential data must be removed from documents unless its inclusion is absolutely necessary.

         Confidential data must never be stored on non-GSCS-provided machines (i.e. home computers).

         If confidential data is written on a whiteboard or other physical presentation tool, the data must be erased after the meeting is concluded.

4.4 Examples of Confidential Data

The following list is not intended to be exhaustive, but should provide GSCS with guidelines on what type of information is typically considered confidential. Confidential data can include:

         Employee social security numbers or personal information

         Medical and healthcare information

         Health Information

         Parent/Guardian and Student data

         GSCS financial data

         Enrollment forecasts

         Network diagrams and security configurations

         Communications about corporate legal matters


         Bank account information and routing numbers

         Payroll information

         Credit card information

         Any confidential data held for a third party (be sure to adhere to any confidential data agreement covering such information)


4.5 Emergency Access to Data

GSCS handles information that is integral to the health, well-being, or protection of our students. Each school must consider establishing such a procedure in case the normal mechanism for access to the data becomes unavailable or disabled due to system or network problems.


5.0 Enforcement

This policy will be enforced by Superintendents of Education. Violations may result in disciplinary action, which may include suspension, restriction of access, or more severe penalties up to and including termination of employment. Where illegal activities or theft of GSCS property (physical or intellectual) are suspected, GSCS may report such activities to the applicable authorities.


6.0 Definitions

Authentication-A security method used to verify the identity of a user and authorize access to a system or network.

Encryption-The process of encoding data with an algorithm so that it is unintelligible without the key. Used to protect data during transmission or while stored.

Mobile Data Device-A data storage device that utilizes flash memory to store data. Often called a USB drive, flash drive, or thumb drive.

7.0 Revision History

Revision 1.0, 8/9/2011

Revision 2.0, 8/2/2012