STAFF SYMPOSIUM ‐ IT TRACK
StaffSymposiumITTrack
MaterialDownloadSite
https://www.stacs.net/symposium/2018
5/17/2018 Session 1: PII Data Management 3
STAFF SYMPOSIUM ‐ IT TRACK5/17/2018 Session 1: PII Data Management 5
But first a special presentation from our Sponsors
STAFF SYMPOSIUM ‐ IT TRACK
ITTrackSession1:PIIDataManagementPlans,PracticesandStrategies
Businesses have legal liabilities and responsibilities to protect Personally Identifiable Information (PII) they receive, process and distribute.
Developing a data management strategy to minimize PII within Trustee operations and computer systems is necessary to limit the risk and impact of a data breach. Processes, practices and technical options to develop a custom strategy will be discussed with examples of easy win items to jumpstart your internal efforts.
5/17/2018 Session 1: PII Data Management 6
Don’t Worry Marley Meter
STAFF SYMPOSIUM IT TRACK
WhyaDataManagementPlan?◦ Back in the day, cost drove good data management
◦ Storage got cheap and we got lazy
◦ Now data breach risks drive data management needs
5/17/2018 Session 1: PII Data Management 11
STAFF SYMPOSIUM IT TRACK
DataManagementChallengeThe implementation of a data life cycle process to
◦ identify existing and new forms of sensitive data to protect,
◦ defines specific strategies, tools, processes and procedures
◦ controls and maintains the data’s security and integrity
◦ maintains availability of a minimum required data set
5/17/2018 Session 1: PII Data Management 12
STAFF SYMPOSIUM IT TRACK
WhatisPII,ConfidentialorPrivacyData?
Handbook Definition: ◦ Full SSN/Partial, Case ID, Name, Address, Phone ◦ (pieces together)
Practical Definition (Data Breach): ◦ Full/partial SSN, Bank Account #
Debtor, Employer and Employee PII
5/17/2018 Session 1: PII Data Management 13
STAFF SYMPOSIUM ‐ IT TRACK
Personally Identifiable Information Section 101(41A): Generally, PII is:◦ First name / initial and last name of individual;◦ Geographical address of residence;◦ Email address;◦ Telephone number;◦ Social security number; and◦ Account number of a credit card.
5/17/2018 14Session 1: PII Data Management
STAFF SYMPOSIUM ‐ IT TRACK
Employee Identifiable Information Employee, spouse and children PII Review, compensation, payroll Health/Life Insurance (HSA, HRA, FSA) Retirement (401K) Direct Deposit (Void check image, Routing/Acct No.) I‐9 Documents (Driver License, SSN Card, Passport,
etc.) Background Investigation
5/17/2018 15Session 1: PII Data Management
STAFF SYMPOSIUM ‐ IT TRACK
PII – cont’d F.R.B.P. 9037: A filing that contains a SSN/TIN, minor’s name, or financial account number:◦ Last four digits of SSN/TIN;◦ Year of individual’s birth;◦ Minor’s initials; and◦ Last four digits of financial account number.
5/17/2018 16Session 1: PII Data Management
STAFF SYMPOSIUM ‐ IT TRACK
PII – cont’d EOUST defines PII as:◦ Information which can be used to distinguish or trace an individual’s identity, such as name, social security number or biometric records, etc., alone, or combined with other personal or identifying information linked or linkable to specific individual, such as date and place of birth, mother’s maiden name, etc.
5/17/2018 17Session 1: PII Data Management
STAFF SYMPOSIUM ‐ IT TRACK
PII – cont’d What EOUST says is not PII:◦ First or last name, country, state or city of residence, age, gender or race and job position. (THB 4‐26, 4‐27)
5/17/2018 18Session 1: PII Data Management
STAFF SYMPOSIUM IT TRACK
DataManagementStrategy Objective: implement lifecycle data management
1. Manage Incoming Data2. Implement a lifecycle for Data in Use3. Manage Outgoing Data
5/17/2018 Session 1: PII Data Management 19
STAFF SYMPOSIUM IT TRACK
DataInput/OutputManagementDefine Processing Practices◦ Train staff to spot PII data while processing inputs & outputs Tag PII on receipt features or set in document type setting
◦ Define procedures to redact PII in common documents Use redaction practices and tools for common data
◦ Work to remove PII Data dependencies in form, documents, outputs, & shared data Create a PII team to assess options and strategies
5/17/2018 Session 1: PII Data Management 20
STAFF SYMPOSIUM IT TRACK
Actions Methods
Refuse Receive Redact Reduce Redistribute Remove Restore
Policies Procedures Practices Technology Training
ActionsandMethodsToConsider
5/17/2018 Session 1: PII Data Management 21
STAFF SYMPOSIUM IT TRACK
Wheretobegin?1. Purge Old Cases2. Identify PII in ◦ documents, databases, systems and files
3. Determine Actions to apply to PII Identified
5/17/2018 Session 1: PII Data Management 23
STAFF SYMPOSIUM IT TRACK
Wheretobegin?DataReductionStart with what you already have◦ Bulk Data Repositories Email, Case Databases, File storage Old and legacy data
◦ Storage and Backups◦ Virtual machines, Replicas, backups◦ Paper Records
5/17/2018 Session 1: PII Data Management 24
STAFF SYMPOSIUM IT TRACK
Issues◦ Exchange recovery mail store contains 1 year of delete emails
◦ Decentralized in user mailboxes◦ Long term recovery by others
Implement◦ Data Retention Limit◦ 1 year rolling deletion
◦ Email procedures for specific business email
EmailReduction
5/17/2018 Session 1: PII Data Management 25
STAFF SYMPOSIUM IT TRACK
Backup,ArchiveandPurgeCases Data moves between Production and Backup Production to Offline Archive to Destruction
5/17/2018 Session 1: PII Data Management 26
BACKUPS
ARCHIVE
ActiveData
InactiveData
ExpiredData
STAFF SYMPOSIUM IT TRACK
Definitions Backup◦ Daily scheduled copy of important data and files
Purging◦ Secured permanent deletion of data from it original source
Archiving◦ Data not in active use◦ Kept offline and secured
Archive Purging◦ Secured permanent deletion of data from archive
Rolling – perform on a regular schedule
5/17/2018 Session 1: PII Data Management 27
STAFF SYMPOSIUM IT TRACK
DataReduction‐ RetentionLimitsEstablish retention limits for different data types ◦ Tax Returns ‐ 30 days after 341◦ Closed Cases – 6 months move to case archives◦ Closed Case Archive – Purge after 7 years
◦ Employee Information – 5 years post separation Reviews, I‐9, Health/Benefit, Badge Photo, Email
◦ HR, Health, Benefits – 5 years post separation◦ Business Financials ‐ 2 year 7 years
5/17/2018 Session 1: PII Data Management 28
STAFF SYMPOSIUM IT TRACK
CaseData&DocumentPurge Know your vendors recommended process and tools
Export old case data and files from database Store to an offline archive for long‐term recovery Purge old case data and files from database & server
Issue: Database transaction logs contain purged data records.
5/17/2018 Session 1: PII Data Management 29
STAFF SYMPOSIUM IT TRACK
CaseVendorPIIDataManagement1. Backups, Database and Files2. Backups offsite3. Offline Archiving Capabilities4. Data Retention5. PII tagging of documents6. Other features for find PII in Database
5/17/2018 Session 1: PII Data Management 30
STAFF SYMPOSIUM IT TRACK
DanGibbs– EasyImplementations1. Begin running the PII Searches on DB monthly.
Tweak tool to work for your office (remove more fields / tables from report where appropriate). Review results.
2. Review the SSN in Account # Report. Redact those payee account numbers that include SSN numbers. Staff implement this with minimal effort and XXX records will no longer include SSNs. Review more recent entries on open cases to determine if procedural input adjustment needed with staff.
5/17/2018 Session 1: PII Data Management 38
STAFF SYMPOSIUM IT TRACK
DanGibbs– EasyImplementations3. Consider deletion of old tblLockBoxDetail records. Over 1M
records could be there with SSN can be eliminated. Determine need for retention on a rolling basis. Delete as part of monthly routine. NOTE: If triggers exist on this table, may want to drop them to avoid copying all SSN from here to the audit table. Work with Bank to remove or redact SSNs.
4. Consider removal of debtor/parties/payees phone and email addresses from case vendor or other online public web portals. Instruct vendor accordingly.
5/17/2018 Session 1: PII Data Management 39
STAFF SYMPOSIUM IT TRACK
DanGibbs– EasyImplementations5. Change the password being used on Tax Returns or
other secured documents if need to retain at all.6. Identify any extra hard copies of items stored
around the office. Old binders, drafts of documents, samples, training materials.
7. Have staff immediately delete Lockbox Export Files after transmission. This could eliminate files with 10,000 SSNs and employers depending on current retention schedule.
5/17/2018 Session 1: PII Data Management 40
STAFF SYMPOSIUM IT TRACK
DanGibbs– EasyImplementations8. Annually change passwords on all vendor case
portal accounts and suspend unused accounts. ◦ Verify all accounts are limited to party in interest or
attorney of record. No unrestricted DA access to all cases.
9. Implement "Secure Transfer of Documents" agreements and have instructions to require redaction of SSN in all documents submitted. Establish process for review and feedback when not redacted. Communicate with existing users the need for redaction.
5/17/2018 Session 1: PII Data Management 41
STAFF SYMPOSIUM IT TRACK
DanGibbs– EasyImplementations10. Use vendor provided or other tools to search for
PII reports to find 9 digit numbers stored in odd fields and review to see if these are SSNs. If so, determine redaction methods.
11. Redact SSNs in purged data table for older cases.
5/17/2018 Session 1: PII Data Management 42