Security Awareness - Personal Identifiable Information & Identity Theft
What is PII?
Personal Information is any information that (alone or when used in combination with other information within an organization's direct control) can be used to identify, locate or contact an individual. This affects
personal information whether stored on paper, electronically or by other means.
There are important things that you can do to protect your own personal identity and critical responsibilities that anyone who works with CABQ data must be aware of.
Identity theft criminals are always looking for new ways to get your personal information. This can range from digging through your trash to sending malicious e-mail messages to deceive you. There are important steps to take to make sure your personal information, such as credit card numbers, bank account information, Social Security Number, passwords, or other sensitive information, is not exposed. Here are some recommendations to help protect you against identity thieves.
If you get a message that is phishing for personal information, please forward the email as an attachment to firstname.lastname@example.org
Each of our Responsibilities
CABQ employees have access to, and are responsible for protecting, a wide variety of sensitive information. Unauthorized exposure of information such as credit card information, and social security numbers can have a harmful effect on people's lives. Failure to take care of this information places people at risk of identity theft, misuse of personal funds, or unauthorized modification of information. We therefore all have a responsibility to educate ourselves on how best to protect the information we store electronically. DTI has specific requirements intended to ensure adequate protection of information we store from potential risks such as loss or modification. It is your responsibility to be aware of and understand these policies and procedures.
In an effort to better secure sensitive data at CABQ, the DTI Security Office has compiled this quick reference guide for private data. This type of data should not be stored on workstations or mobile computing devices (laptops, PDAs, flash drives, etc) unless a strong business need exists and proper security precautions have been taken.
PII Risk Matrix
Important practices to keep in mind when dealing with private data include:
If you find High Risk PII stored in an unauthorized location, please contact the DTI Service Desk immediately at 768-2930.
For additional information on protecting your data and devices, see Protecting portable devices.