Impacts of Technology (U4)
Security of Personal and Sensitive Information
Topic Menu
Content Contributors
Learning Objectives
Personal Information
Personal information is any information that can be used to identify you. Personal information could be characterised as belonging to you.
Examples of Personal Information
Address
Date of Birth
Name
Email Address
Phone Number
Sensitive Information
Sensitive information is information that is protected and should not be disclosed unless under specific circumstances. The Privacy Act defines sensitive information as "information or an opinion about an individual’s":
racial or ethnic origin;
political opinions;
membership of a political association;
religious beliefs or affiliations;
philosophical beliefs;
membership of a professional or trade association;
membership of a trade union;
sexual preferences or practices; or
criminal record
(Source: Australian Law Reform Commission)
http://www.alrc.gov.au/publications/6.%20The%20Privacy%20Act%3A%
Security of Personal and Sensitive Information
Businesses and Government organisation have an obligation to protect the personal and sensitive information collected about their customers. Unauthorised access of personal and sensitive information could lead to identity theft and fraud.
Challenges of Digital Security
Before, personal and sensitive data were stored physically making security easier to detect unauthorised access. Video surveillance could detect who accessed data and you could tell when data was stolen if a document had disappeared.
Nowadays, more data is becoming digitalised to allow for improved access by organisations. This poses internal and external threats to the security of data. Now data can accessed and copied without anyone knowing. Internet connections also bring threats of global hackers located around the world.
Ways to Secure Digital Personal and Sensitive Information
Physical security - locks on servers, video surveillance of server rooms and keys or keycards to restrict access
Electronic Audit Trails - allows administrators to see what files were accessed by which user and at what time. Some audit trails can be programmed to prompt a user to input a reason to why they are accessing certain files
File permissions - restrict access of personal and sensitive information to authorised users
Firewalls - monitors incoming and outgoing data packets and blocks unauthorised data packets
Anti-Virus Software - detects and removes malware on systems that could be used to discretely access personal and sensitive information