Disclosure of Sensitive Information
What is Sensitive Information?
Any information that can be used to identify you or another person is sensitive information. Be advised: Sensitive information is regulated by laws and University policies and should never be stored on your computer's hard drive, on a portable device, or sent via email without proper authorization. Protecting sensitive information on University computers is the responsibility of all members of the University community.
The disclosure of sensitive information can result in identity theft, regulatory fines, and civil as well as criminal penalties under federal and state statues.
Examples of sensitive information include the following:
- Personal Information - Social Security Numbers, driver's license numbers, and similar personal identifiers; student information protected under FERPA federal regulations; health information protected under HIPAA federal regulations.
- Financial Information - such as financial aid data, bank account numbers, credit card numbers, and similar information.
- University Administrative Computer Data - employee personnel records, student educational records, University financial information, and electronic documents such as email messages, reports, memoranda, letters, and other electronic document files that contain confidential information; legal documents and contracts.
- Passwords: User IDs, passwords, and PIN numbers to University systems or personal accounts on non-University systems; University identifier numbers such as a University 2P number.
- Research Data - Any data that is used to validate research findings. Human subject data (Social Security Numbers, for example, in medical records) and laboratory animal care information are federally-regulated and especially sensitive.
By following the steps in the Secure Your Data community at My Pitt (my.pitt.edu), faculty, staff, and their University units will have the necessary security controls in place to protect both their computing resources and any sensitive information under their control.
For more information about University sensitive information, review these technology-related University policies.