Private Information Management Initiative

Overview

Private Information Management Initiative (PIMI) Overview

The Private Information Management Initiative seeks to identify and reduce the amount of Private Information found on RIT computers and storage devices. Private information is information that is typically used to conduct identity theft and may include Social Security Numbers (SSNs), credit card numbers, driver’s license numbers, bank account information, etc.

Reducing the amount of Private Information (PI) will help safeguard the RIT community against identity theft and will help RIT comply with relevant state and federal laws.

Goals
  1. Increase awareness of the importance of safeguarding all private information, not just SSNs
  2. Increase awareness of the existing RIT policies that address private information
  3. Increase sense of individual accountability and responsibility in the area of policy compliance surrounding private information and a related understanding of the consequences for noncompliance
  4. Effective destruction of non-approved and unnecessarily retained private information (paper and electronic forms) from business units and employee offices
  5. Integration of the Records Management Policy into everyday employee activities
Representation

RIT Information Technology Services (ITS) is leading this initiative with the assistance of project team representatives from each college and division. The representatives include:

  • An Information Steward/Management Representative who will receive reports detailing the location of Private information and will lead remediation efforts of Private information found in electronic and paper forms.
  • A Technical Representative who will assist in inventorying computers assigned to the respective college or division and will assist the Information Steward/Management Representative in remediation efforts.
  • Current list of representatives
What to Expect

ITS is working with various RIT organizations to identify the location of SSNs and other Private Information by providing a software tool (Spirion (Identity Finder)) that will scan computers and attached drives to determine if they contain Private information. When Spirion (Identity Finder) finds suspected Private information, it provides a report to the computer user and to ITS. The software also provides the computer user with tools to erase (shred) the information securely or to remove (redact) the private information from the files.

Scans will be initiated by ITS. Computer users may also initiate an on-demand scan at their convenience. Spirion (Identity Finder) is licensed for use on RIT-owned computers and is currently available for Windows and Macs.

For More Information

For more information, contact ITS.

Links:

IAP Plan Requirements

IAP Plan Requirements and Template

Excerpted from the Information Access and Protection Standard

  1. Information Inventory
    1. All RIT organizational units (departments, divisions, etc.) should identify and maintain an inventory (type, classification, location, accessibility) of all Private, Confidential, and Internal information they handle or maintain. The ISO provides an Information Access and Protection Plan Template to facilitate this requirement. (The plan should be updated at least annually.)
  2. Training
    1. Divisional VPs and Deans are responsible for ensuring that mandatory information handling training is provided to any RIT employees (including adjuncts, temporaries and contractors), student employees, volunteers (including trustees, agents, members of affiliate groups, etc.) with access to Confidential or Private information.
    2. This training should be conducted on an appropriate periodic basis. (Annually is appropriate, and can be fulfilled through the self-paced web-based DSD103 Information Handling, available through the Talent Roadmap.)
  3. Non-disclosures
    1. Divisional VPs and Deans are responsible for ensuring that users comply with RIT non-disclosure requirements, which may include signing a non-disclosure agreement.
    2. Systems, applications, or web page administrators (including student employees) who administer information systems containing Confidential or Private information should sign the RIT Systems Support Personnel Non-Disclosure Agreement form.
Resources

Frequently Asked Questions

The Private Information Management Initiative (PIMI) is a program where RIT Information Technology Services helps RIT faculty and staff scan their computers and attached drives to determine if they contain private information (PI). When PI is found, each RIT faculty and staff member is responsible for remediating the private information by redacting or shredding the files.

The program also includes destruction of paper files containing nonessential PI.

The goals of the program are to identify and reduce the amount of private information at RIT. This reduction will help safeguard the RIT community against identity theft and will help RIT comply with relevant state and federal laws.

New York State defines private information (PI) as:

any personal information concerning a natural person combined with one or more of the following data elements: Social Security number (SSN), driver's license number, account number, or credit or debit card number in combination with any required security code. These combinations of information are often used in identity theft.

The New York State Information Security Breach and Notification Act requires that RIT notify affected consumers if their Private information is compromised.

RIT is scanning your computer or drive because we've found that scans have revealed the presence of Private information on many computers; even when the computer owners do not believe there is any Private information present. We want to reduce the potential for identity theft occurring as a result of information obtained from RIT computers.

RIT is authorized to scan computers using the RIT network in order to protect the RIT community. See the Computer Code of Conduct and Network Use and the Privacy Policy.

It is important to note that ITS may inspect the results of the scan only to aid in remediation efforts.

Many universities scan for Private information on computers connected to their networks and have begun remediation of paper files and other media containing Private information.

Your computer is scanned by Spirion (Identity Finder) software installed on your computer. The scans will be initiated from a central scanning server administered by ITS. Spirion (Identity Finder) also allows you to initiate an on-demand scan. You do not have to be connected to the network to initiate an on-demand scan.

It's easy to Pause Spirion (Identity Finder) so that it doesn't impact your productivity significantly. Go to your system tray, right click on the Spirion (Identity Finder) icon (Ctrl-click for Mac) and choose Maximize. Then click on the Pause button. When you're ready to resume the scan, click on Resume.

A screenshot from a Windows computer, showing the context menu for Spirion Identity Finder, with "Minimize/Maximize to Tray" highlighted.A pair of screenshots, showing that a user has clicked on the "Pause" button, and that button has become the "Stop" button.

Spirion (Identity Finder) will generate an interactive report of suspected Private information matches and provide user-friendly tools to erase the information securely or remove the Private information (e.g., Social Security Number, Bank Account Number, Credit Card Number or Drivers License) from the files directly from the interactive report. You may also identify "false positives" by choosing "Ignore" within IDF. ITS may verify that the ignored files do not contain Private information.

When Spirion (Identity Finder) completes its search, review the list of results to begin Shredding or Redacting Private Information and Ignoring "false positives."

You can choose shred, redact, or ignore by right-clicking on the check box next to the entry and choosing from the options available. NOTE: not all options are available for all file types. Process the entire list before closing Spirion (Identity Finder).

If Spirion (Identity Finder) completes its search and no Private Information is found, close Spirion (Identity Finder).

If you are unable to "shred" a file containing Private Information, you may not have permissions in Windows that allows Spirion (Identity Finder) to "shred" it. Contact the ITS Service Desk and ask them to login to Spirion (Identify Finder) as admin and securely "shred" the file.

Spirion (Identity Finder) provides a redact option for specific file types that may not work with all file types. If you need to retain an Office file on your computer but need to redact the Private information in the file you’ll need to follow a three-step process.

  1. Save a copy of the file in Office 2007 or 2010 format (.docx, xlsx, etc.)
  2. Use Spirion (Identity Finder) to redact the Private information from the new file
  3. Use Spirion (Identity Finder) to shred the old file.

We've created a Private Information Handling Quick Reference Table to assist you in determining how to handle Private information found on your computer or drives.

If you find Private information (e.g. Social Security Number, Bank Account Number, Credit Card Number or Drivers License) on your computer and are not sure whether it should be there, ask your Information Steward/Management Representative.

New York State law does not allow the retention of Social Security Numbers unless there is a clear business need for the information. In general, an RIT employee has a legitimate purpose for having access to the Social Security Numbers of another individual when such number is required for tax or billing purposes, credit authorizations, background checks, or in furtherance of submitting a federal or state governmental application that requires the transmission of an individual's Social Security Number. In addition, social security numbers shall be maintained when required by either court order, subpoena, or by direction of the Office of Legal Affairs.

Unless required by RIT business processes, files must not contain Private information. Unnecessary information must be sanitized by redacting (removing) the Private information. It is not sufficient to simply obscure or hide the information. Although "redaction" has a broader meaning in editing, in the context of information handling it refers to the removal of information from a document.

Private information should not be stored on an RIT computer unless expressly permitted. (This information is typically found in copies of tax returns and filled-in forms.)

Currently, only computers with the Microsoft Windows and Mac OSX will be scanned by Spirion (Identity Finder). We encourage you to examine the files on your computer and attached drives to identify Private information and handle it accordingly. For Linux, we recommend using Cornell's Spider. You may also work with your systems administrator to scan the Linux drive from Windows.

Please direct any questions regarding information handling or the Private Information Management Initiative to your Information Steward/Management Representative.

PIMI Representatives

Organization
VP / Dean
Information Steward / Management Representative
Technical Representative
Administration
     
President's Office David Munson Karen Barrows RIT Service Center (Christopher Nardi)
University Advancement Phil Castleberry Patrick Saeva Ahn Karem / RIT Service Center
Enrollment Management Ian Mortimer Colleen Peterson RIT Service Center
Global Risk Management Services Jim Watters John Zink RIT Service Center
Office of Co-op Education & Career Services Christine Licata Maria Richart Jim Bondi/RIT Service Center
F&A Jim Watters Jeanne Casares RIT Service Center
RIT Inn Kory Samuels Bill Gunther/Janice Emerson RIT Service Center
Student Affairs Sandra S. Johnson Jodi Boita/Jessica Bowen RIT Service Center
ITS Jeanne Casares Jeanne Casares Kristi Ziehl/Greg Miller/Omar Phillips
University Communications Bob Finnerty Susan Rosinski RIT Service Center
Academic Administration
     
Academic Affairs / RIT Libraries / RIT Press Marica Trauernich Eric Blevins Justin Newcomer
Marketing & Communications John Trierweiler Steven Wunrow David Scheiderich
Associate Provost / Academic Affairs Ellen Granberg Susan Provenzano RIT Service Center
ILI Neil Hair Neil Hair RIT Service Center
GCR Vanessa Herman Michelle Lezette RIT Service Center
Sponsored Research Ryne Raffaele David Bond RIT Service Center
Registrar Christine Licata Joe Loffredo/Matt DeMayo RIT Service Center
University Advising Christine Licata Lynne Mazadoorian RIT Service Center
University Exploration James Hall Marty Burris RIT Service Center
International Education and Global Programs James Myers James Myers RIT Service Center
Division of Diversity and Inclusion Keith Jenkins Sandy Whitmore RIT Service Center
Colleges
     
Kate Gleason College of Engineering Doreen Edwards Doreen Edwards ITS (Len Levaskevich)
College of Liberal Arts LaVerne McQuiller Williams Michael Laver ITS (Paul Magnani)
College of Science Sophia Maggelakis Larry Buckley ITS (Ethan Wingenbach)
Center for Imaging Science Sophia Maggelakis David Messinger Brett Matzke / Karen Braun
Graduate Studies Twyla Cummings   RIT Service Center
College of Health Sciences and Technology Tai Wang Richard Doolittle ITS (Charles Hall)
The Center for Multidisciplinary Studies James Hall Abby Cantwell RIT Service Center
College of Engineering Technology S. Manian Ramkumar S. Manian Ramkumar Joel Yates
College of Art and Design Todd Jokl Michael Dear Robert Fleck
Center for Integrated Manufacturing Studies / Golisano Institute for Sustainability Nabil Nasr Scott Nichols ITS (Michael Good)
B. Thomas Golisano College of Computing and Information Sciences TBD Sylvia Perez-Hardy James "Linus" Craig
National Technical Institute for the Deaf Gerard J. Buckley Stephanie Tolan Michael Burns
NTID - Substance & Alcohol Intervention Services for the Deaf Bernard Hurwitz Mary Karol Matchett Keven Poore
Saunders College of Business Jacqueline Mozrall Dave Ballard Dave Ballard

Faculty and Staff Responsibilities

All RIT faculty and staff are expected to follow the Private Information Management Initiative (PIMI) requirements below:

  • Review paper files for private information.
  • Scan RIT computers with Spirion (Identity Finder) for private information (if Spirion (Identity Finder) is not available, scanning with an alternative tool or reviewing the computer for Private Information is recommended). Information Technology Services (ITS) will initiate scans of most computers monthly.
  • Scan or review personal/home computers, portable devices, and media for private information.
  • Inform your manager in writing if there is a compelling business reason for retaining private information. Promptly secure the information in compliance with the RIT Information Access and Protection Standard.
  • Notify and receive approval from your PIMI Information Steward/Management Representative.
  • If you're unable to remediate the information found within Spirion (Identity Finder), please redact (securely erase or securely destroy) unnecessary private information.
  • Complete the Digital Self Defense 103 Information Handling course
Additional Requirements for Department Managers

Private Information Handling Quick Reference Table

Private Information Handling Quick Reference Table

This table provides recommendations on the correct handling of private information at RIT.

New York State defines private information (PI) as any personal information concerning a natural person combined with one or more of the following data elements: Social Security number, driver's license number, account number, or credit or debit card number in combination with any required security code.

Digital Self Defense 103 - Information Handling fulfills the training requirement for handling RIT Private or Confidential Information.

Consult the Spirion (Identity Finder) End User Documentation for Windows or Mac for more information.

Situation

Spirion (Identity Finder) Instructions (Preferred)

General Instructions (Use if Spirion (Identity Finder) is NOT available)

I no longer need the files containing the private information

Delete the files using the "Shred" command. This can be done from within the Spirion (Identity Finder) interactive scan report or by right-clicking on the file or folder and choosing "Identity Finder/Shred." If you are unable to delete the file, contact your help desk.

Delete the files securely. Use a secure file deletion utility such as Eraser. Contact your systems administrator or the RIT Service Center for recommended products.

I need to keep the files, but I don't need the private information

Sanitize the information by using the "Redact" command. This can be done from within the Spirion (Identity Finder) interactive scan report. Spirion (Identity Finder) will replace the Private Information with x's. Note that this option is not available for all file types.

Sanitize the documents by deleting any private information such as Social Security Numbers (SSNs) or credit card numbers. Save a new copy of the sanitized document and delete the original file.

I need to continue to have a unique identifier for each individual

Sanitize the information by using the "Redact" command. This can be done from within the Spirion (Identity Finder) interactive scan report. Spirion (Identity Finder) will replace the Private Information with x's. Open the file and replace the x's with unique identifiers not based on the SSN.

Sanitize the documents by eliminating the private information. Convert SSNs to University Identification Numbers (UIDs).

 


 

Situation
General Instructions for Handling Private Information

I need to keep the complete files containing the private information

Unnecessary possession of Private information should be eliminated.

  • There must be a business need to store this information and the system storing the information must meet all applicable RIT security standards (e.g., Desktop and Portable Computer Security Standard, Server Security Standard, etc.). In general, an RIT employee has a legitimate purpose for having access to the social security numbers of another individual when such number is required for:
    • tax or billing purposes
    • credit authorizations
    • background checks
    • in furtherance of submitting a federal or state governmental application that requires the transmission of an individual's social security number.

In addition, SSNs shall be maintained when required by either court order, subpoena, or by direction of the Office of Legal Affairs.

  • Consider encrypting the files.
  • Do not store the encryption key or password on the computer or drive containing the encrypted information.
  • Minimize the amount of records stored locally on a desktop or laptop computer by storing the information on an RIT file server.
  • Inform your manager and your Information Steward/Management Representative of the need to retain Private information.

Contact the RIT Service Center or the RIT Information Security Office for more recommended practices.

I need to carry the files on a portable computer, device, or media (e.g., Laptops, Flash Drives, CD/DVDs, smartphones)

Unnecessary possession of Private information should be eliminated.

  • Storage or conveyance of Private Information on portable devices or media is strongly discouraged.
  • Minimize the amount of records stored on portable devices or media by storing the information on an RIT file server.
  • There must be a business need to store this information and the system storing the information must meet all applicable RIT security standards (e.g., Desktop and Portable Computer Security Standard, Server Security Standard, etc.). In general, an RIT employee has a legitimate purpose for having access to the social security numbers of another individual when such number is required for:
    • tax or billing purposes
    • credit authorizations
    • background checks
    • in furtherance of submitting a federal or state governmental application that requires the transmission of an individual's social security number.

In addition, SSNs shall be maintained when required by either court order, subpoena, or by direction of the Office of Legal Affairs.

  • Private information (and RIT Confidential information) stored or transported on portable media must be encrypted.
  • Do not store the encryption key or password on the media containing the encrypted information.
  • If you are storing or transporting the private information on a portable computer, contact your help desk for encryption options.
  • Protect the private information from unauthorized use or theft.

Inform your manager and your Information Steward/Management Representative of the need to retain Private information.

I no longer need the portable media or hard drive, how do I dispose of them securely?

The RIT Information Security Office provides the following secure disposal recommendations:

  • Erase magnetic media (hard drives, LS120 media, old Zip/Jazz Cartridges, magnetic tapes) with a degausser.
    NOTE: the media may not be usable after degaussing.
  • CD/DVDs can be shredded in a media shredder.

A degausser and media shredder are available at the RIT Service Center in Booth 07B.

Media Disposal Recommendations

Media Disposal Recommendations
Media Disposal Method

Paper

Use a shredder. Crosscut is preferred over a strip shredder.

Disposal of paper records containing Private or Confidential information should be accomplished by crosscut (or better) shredding, placement in a locked document destruction bin, or through vendor-supplied services under a contract approved by RIT Procurement Services.

CD, DVD, diskette, etc.

Use the media shredder (located at the RIT Service Center, 7B-1113).

Hard Drives

If the hard drive is to be reused, contact your support organization for recommendations for secure erasure.

If the hard drive is damaged or will not be reused, render the hard drive unreadable by using the degausser (located at the RIT Service Center, 7B-1113). Note, that Solid State Drives (SSds) may not be sufficiently disrupted by the degausser.

Tapes

Use the degausser (located at the RIT Service Center, 7B-1113).

Solid State Drives (SSDs)

Overwrite and destroy media though methods including shredding, disintegrating, or pulverizing.

Other

Use an industry standard means of secure disposal.

Links to guidelines for media sanitization:

Document Destruction

Document Destruction

Document Destruction Activities provide a focused opportunity for RIT faculty and staff to archive securely or dispose of paper records that contain private information. Private Information includes financial account numbers, social security numbers, driver’s license numbers and other information that can be used in identity theft. Participation in this activity will enable RIT to secure Private Information that could otherwise be used to facilitate identity theft. Document Destruction Activities are part of the RIT Private Information Management Initiative, but they are managed by your department. We encourage all departments to schedule Document Destruction Activities.

Why are Document Destruction Activities so important?

With its concentration of student records and private information, Higher Education is often targeted by attackers hoping to harvest private information (e.g. Social Security Number, Bank Account Number, Credit Card Number or Drivers License) for use in identity theft. In addition, careless storage or loss of records often leads to data breaches that require compliance with various state and federal laws requiring notification of affected consumers.

Participation in Document Destruction Activities will reduce the likelihood for the RIT community to have their personal information fall victim to malicious attacks or loss. This activity will also provide an opportunity for faculty and staff to adhere to the RIT Records Management Policy (C22.0). Any questions regarding the appropriate retention period can be addressed to the RIT Office of Legal Affairs.

When are my Document Destruction Activities?

Contact your Private Information Management Initiative representative to find out what activities are being planned in your college or division for document destruction.

What do I need to do for my Document Destruction Activities?

It is important that you keep track of any documents that may leave another person susceptible to identity theft attacks. In preparation for your department’s Document Destruction Activities, please review the files in your office to ensure that you have not retained any private information (e.g. Social Security Number, Bank Account Number, Credit Card Number or Drivers License) that is not critical to your current work. Take this opportunity to review files and dispose of them in accordance with the RIT Records Management Policy (C22.0).

We encourage you to review your files now and dispose of those containing Private Information securely. Ensure that any RIT files in your home do not contain any private information.

How do I dispose of portable media and paper documents containing Private Information securely?

Visit our Information Disposal page for recommendations.

What if I have questions?

Contact your division or college's PIMI representative.

Private Information Decision Tree

The E. Philip Saunders College of Business provided the Decision Tree below. This should help you determine what to do with information the Identity Finder scan reports.

Click to enlarge.

IDF Decision Tree