| |
|
|
Recommendations
on handling of restricted data doesn't apply to financial restricted accounts. |
| By Fax |
No special requirement |
Machine must have limited access such that only those authorized can view. Otherwise, recipient must first agree that
an authorized person will be present when the material is sent. |
Keep current language and include the following at end: For receipt of faxes containing restricted information unattended
printing permitted only if physical access controls are used to prevent unauthorized viewing.
Printouts are to be picked up as soon as possible. |
| By Voice Mail |
No special requirement |
No special requirement |
Do not leave restricted information in voice mail message. Request call back. |
| By Wireless or cellular technology |
No special requirement |
Be aware that wireless cellular technology are not very secure. (Encryption suggested where applicable) |
Do not transmit. |
| All other electronic communications (email, FTP, connections to administrative applications, etc). |
No special requirement. |
Encryption suggested |
Encryption required. ** |
| ** Note: It is expected that departments will (a) move toward encryption over time as new files are created or existing files modified and (b) pressure their vendors and exchange agencies to move in this same direction. |
