Put Privacy First – Privacy Commissioner of Canada speaks about privacy risk mitigation.

Learn more about The Power of PETs: Privacy Enhancing Technologies during a panel discussion hosted by The Information and Privacy Commissioner of Ontario.

BC Commissioner issues report on how municipalities make records available. For more information check out the full news release, fact sheet, guidance document and video.

Thank you to our 800 registrants who registered for the Top of Mind webinar hosted on Jan 31. For those of you who missed the session, you can access both an English and French version of the recording here under “Top of Mind” Data Privacy Webinar 2025. Enjoy!

Blog

Best practices when using USB drives

April 4, 2019 - Sherri Fowler, Analyst

When thinking about this topic I decided to research how big of a USB drive I could actually purchase. I was surprised to see you can purchase one that stores 2 terabytes (TB) of data. Just think about that – something the size of a car key can 2 TB of data. With the ability to store that much data in a very small and portable way, it is important to be super vigilant when using memory sticks.

In January 2018, the IPC developed a resource – Helpful Tips: Mobile Device Security. This resource offers many tips and considerations that are helpful when using memory sticks, including administrative safeguards, technical safeguards and physical safeguards. However, here is a quick list of some things to keep in mind when using USB Drives:

  • Encryption/password protected devices: Only purchase USB drives that have encryption or password protection functionality.
  • Strong passwords: If you have a need to store personal information (pi), personal health information (phi) or other forms of sensitive or confidential information on a USB drive, be sure to have it locked by a strong password.
  • De-identify: When storing pi/phi on a USB, de-identify the information wherever possible.
  • Delete data: Immediately delete the data from the USB once it is no longer needed.
  • Unattended USBs: Do not leave USB’s in vehicles or unattended in public. If absolutely necessary, lock it in the trunk or glove box where it would be out of site. When not in use in your office, be sure to lock it up.
  • Access on a Need-to-Know Basis: When storing data on a device, access to that data should be on a need-to-know basis.
  • Lost or stolen USBs: Report lost or stolen USB’s immediately to your supervisor and the Privacy Officer.
  • Disposal: At the end of its lifecycle, be sure that all the data has been wiped from the USB. Once that is done, safely dispose of or destroy the USB before disposal.

For more applicable information on USB drive use, please see the following resources:

 

Categories: Blog

Back to Blog