AI Notetakers – the risks and benefits

UN adopts AI resolution which focuses on safety

Ontario school boards sue makers of Facebook, Instagram, Snapchat and TikTok

Tennessee Elvis Act, replication of voices” by AI

Australian government proposes to implement AI changes

Podcast -Ontario IPC discusses facial recognition

Draft American Privacy Act introduced

Best practices in safeguarding data

Podcast: Hill Times political parties and privacy

Cheat Sheet for the proposed American Privacy Rights Act

Blog

Best practices when using USB drives

April 4, 2019 - Sherri Fowler, Analyst

When thinking about this topic I decided to research how big of a USB drive I could actually purchase. I was surprised to see you can purchase one that stores 2 terabytes (TB) of data. Just think about that – something the size of a car key can 2 TB of data. With the ability to store that much data in a very small and portable way, it is important to be super vigilant when using memory sticks.

In January 2018, the IPC developed a resource – Helpful Tips: Mobile Device Security. This resource offers many tips and considerations that are helpful when using memory sticks, including administrative safeguards, technical safeguards and physical safeguards. However, here is a quick list of some things to keep in mind when using USB Drives:

  • Encryption/password protected devices: Only purchase USB drives that have encryption or password protection functionality.
  • Strong passwords: If you have a need to store personal information (pi), personal health information (phi) or other forms of sensitive or confidential information on a USB drive, be sure to have it locked by a strong password.
  • De-identify: When storing pi/phi on a USB, de-identify the information wherever possible.
  • Delete data: Immediately delete the data from the USB once it is no longer needed.
  • Unattended USBs: Do not leave USB’s in vehicles or unattended in public. If absolutely necessary, lock it in the trunk or glove box where it would be out of site. When not in use in your office, be sure to lock it up.
  • Access on a Need-to-Know Basis: When storing data on a device, access to that data should be on a need-to-know basis.
  • Lost or stolen USBs: Report lost or stolen USB’s immediately to your supervisor and the Privacy Officer.
  • Disposal: At the end of its lifecycle, be sure that all the data has been wiped from the USB. Once that is done, safely dispose of or destroy the USB before disposal.

For more applicable information on USB drive use, please see the following resources:

 

Categories: Blog

Back to Blog