Web Privacy and Security

If you are a website administrator you have a responsibility to safeguard personal information about students, faculty and others.

There have been several instances where website administrators inadvertently exposed sensitive information about people on the web.  The following will help protect you and those you work with.

Public Vs. Private

Some websites allow you to add “private” information.  While this is a nice feature, it should not be used for any sensitive information.

Even if you put something on a website and mark it as private, someone else down the line might accidentally make it public, and once it is out there it is very hard to get back.

No software is 100% secure either, so there is always the chance of it being compromised.  If you have any concern about the kind of information you are putting on your web site please err on the side of safety and don’t put it up.

If you need to share sensitive information use secure departmental file space, or sharepoint.

Newspaper Test

We find it very helpful to use what we call the Newspaper test.  If there is any question about what to put on the web just ask yourself:

“Would I want this information on the front page of the newspaper?”

If the answer to this is no, then don’t put it online anywhere.

Sensitive Information (Don’t Put Online Anywere)

Below are a some more specific examples of things to not put online.  There are, of course, others.

  • Names, Social Security Numbers, Birthdays
  • Grades, Test Scores, Courses Taken
  • Educational Records
  • Attendance Information
  • Financial or Salary Information
  • Personal Identification Numbers (PID’s)
  • Applications
  • Medical and Health Information
  • Anything that makes it easy to identify or locate someone

You can read more about UNC’s security policies for sensitive information here: http://help.unc.edu/6446

More Help – Questions

If you have any questions or need some help finding a solution for an information sharing need in your department please contact ITS-HELP by calling 962-HELP or submitting a ticket at http://help.unc.edu.

Privacy Regulations

  • FERPA – Don’t put any student information online.
  • HIPPA – Don’t put any health records online.

Post a Comment

Your email is never shared. Required fields are marked *

*
*