- Created by Justin Lytle - Admin, last modified on Jul 30, 2020
Policy identification number: IT-0002
File: Information Technology Policies
Storage and Handling of Data
This policy establishes the requirements and responsibilities regarding the storage and handling of classified data.
Vice President, Finance & Administration
January 30, 2019
January 30, 2019
storage, handling, data, s, vpfa
Scheduled for Review
Faculty, staff and employees of Fort Lewis College have the responsibility to protect information resources for which they are in care of. Each person and office is expected to:
II. Data Storage and Handling Requirements
III. Storage and Handling Best Practices
IV. Reason for Policy
Fort Lewis College is committed to protecting the reputation, safety, and privacy of the individuals that make up our community. Establishing best practices around the handling of data helps prevent the unauthorized disclosure of sensitive information and ensure compliance with data privacy laws and regulations.
For following the policy: All employees and contracted vendors
For enforcement of the policy: Information Security Officer
For oversight of the policy: Vice President for Finance & Administration
For notification of policy: Policy Librarian
Electronic Documents: Electronic documents are created and stored on a computer system or application. Common types electronic documents include emails, database tables and reports, web pages, spreadsheets, text files, presentations, and digital images.
Mobile Devices: A portable computing device, such as laptops, tablets, smart phone.
Encryption: A technology that protects electronic documents and system drives by converting the data to a format that is unreadable to those with unauthorized access. Password protection of electronic documents is not an adequate substitute for encryption.
VII. Cross-Referenced Policies
Classification of Data Policy
VIII. Consequences of Non-Compliance
Confidential data is protected by State, Federal, and International laws and regulations. Failure to properly manage data can result in disciplinary actions, penalties and other consequences for the individual and department. Violations shall be handled consistent with College disciplinary procedures. The College may refer suspected violations of applicable law to appropriate law enforcement agencies.
The College may suspend, block or restrict access to information and network resources if necessary to protect the integrity, availability, and/or confidentiality of College information or to protect the College from liability.
IX. Revision History
New policy January 2019