West Virginia Executive Branch
PII – WHAT’S IN YOUR DESK?
Have you looked at the files you store in your office or desk? You could be holding onto a lot of documents containing personally identifiable information (PII) without even realizing it.
Many of us keep copies of travel expense records or other internal government forms which have names, home addresses and phone numbers, and possibly social security numbers or health information. It could be your own information, or another employee’s.
Are you keeping original documents?
You should first check your department’s document retention schedule to see how long you legally need to keep the documents. If you must keep the original documents, secure them in a locked filing cabinet. If not, shred the documents to keep them from becoming an incident if they are improperly accessed.
Are you keeping copies of documents?
If the documents you are keeping are copies, and the originals are stored in accordance with your department’s policies, decide whether or not you *really* need to keep them. Are the documents your own? Or, if you’re in a management position, are they an employee’s documents? If so, all PII should be redacted from the copies.
What is redaction?
Redaction is editing, modifying or revising a document to permanently remove confidential or sensitive information.
How should I redact a document?
- Make a photocopy of the document – DO NOT redact the original.
- On the photocopy, use a black marker to conceal the PII that you want to redact. Be sure that the PII is totally covered with the black ink. A permanent marker is best.
- Make sure the ink is dry, and then photocopy the redacted document.
- Visually inspect this 2nd photocopy – you should not be unable to read any of the PII through either the front or the back of the document. This 2nd photocopy can be provided to the recipient.
- Save the 1st photocopy (with the black ink redaction) with the original, to show the redaction effort.
If you would like to review the redaction procedure issued by the WV State Privacy Office, please click on the following link: www.privacy.gov/privacypolicies.
Note: Your agency/bureau/department/division may have specific requirements – always check your policies and procedures. If you have questions, contact your Privacy Officer.
SEE ALL 2016 PRIVACY TIPS