area for page graphicProtecting Sensitive Information

General Guidelines

The general guidelines for protecting faculty/staff and student information are as follows:

  1. Workstations with access to the data are located within offices that are supervised and/or locked at all times.
  2. Persons given access to the data are instructed to keep sensitive information secured, shielding computer screens from direct public view, shredding documents containing sensitive information, etc.
  3. Student assistants who are charged to update the database are under your direct supervision at all times.

About the Social Security Number

The State of California limits using the SSN in its official business. This campus replaced the SSN with a Campus ID number (CWID) for all student, faculty and staff records, and suppresses the display of SSN on most screens and printed documents.

If security is breached in a database containing unencrypted personal data, the University must notify all persons having records in that database. Personal data is explicity defined by policy and includes the SSN.

Under the new provisions, access to the SSN is a major liability. College IT uses the CWID to identify student and employee data.

For more information regarding these policies, visit the following links:

  1. Assembly Bill AB46 - establishes restrictions on the use of social security numbers

  2. President's Directive 13 - Information Security - defines what data is included in "protected information" and requires any person collecting or using these fields to follow federal and state guidelines

  3. CSU Fullerton's CWID Website - the university's home page for CWID information, including links to FAQs and a page for looking up your own number.