Managing Sensitive Data
In order to operate, MSU must handle information. This information includes data on students, employees, alumni, donors, clients, patients, patrons, partners, and other affiliates.
As part of data stewardship and governance, the university has the responsibility to take all practical measures to protect the privacy and confidentiality of this information and manage sensitive data in a secure manner, while permitting the effective and efficient use of the data. The best effort of every member of the university workforce is required to satisfy these dual data management objectives.
Getting Started
We suggest that you plan and follow a five-step approach to managing sensitive data.
- Education and awareness
- Inventory your data
- Assess your risks
- Mitigate your risks
- Regularly, at least once a year, revisit your efforts and make changes and improvements to your plan as needed
For a detailed discussion on producing this plan, read through the core documents on our Information Security Plans for Units page.