Security Reminder when Working Off-Site

If working off-site, follow security requirements for confidential information.
All information that is not officially designated as public is confidential, including information about identifiable individuals, student records, grades, HR records, non-public financial information, etc. 

Do not take confidential information offsite (e.g. home for work) unless you have: 

  • Official Authorization; official University, Division or department policy or practice that permits the record to be taken out. If there is any doubt, consult with your direct report.
  • Demonstrable operational need/No other reasonable means; the record must be taken offsite to fulfil your duties. There is no reasonable alternative to taking the record offsite.

For hard copy records, minimize risk as follows: 

  • Take as few records as you can for expected work. If possible, take copies, not originals. 
  • In transit; Carry records in a locked satchel or case. Do not leave records unattended, e.g. at restaurants, washrooms, public transit, etc. Don’t read where others could see records.
  • At home; Protect records from unauthorized individuals, including family or friends. Lock records away when not in use, e.g. locked cabinet in your locked home.

For electronic records: 

  • Access records remotely only on authorized, secure networks with encrypted communication.
  • Use a strong password to protect your electronic devices and laptop.
  • Be sure your computer has up-to-date security, including firewall, anti-virus and anti-spam.
  • Electronic records taken out of a secure University IT environment should be encrypted at all times, e.g. use an encrypted USB memory stick or encrypted hard drive on your laptop.