Data Protection and Security - CHS Admin Handbook - Minnesota Dept. of Health


Data Protection and Security

Elements of Data Protection and Security
Data Storage and Protection

Data protection and security covers electronic systems as well as data kept in paper files. It is necessary both to ensure that data can be reliably retrieved and to protect data classified as "not public."

All government entities that collect data and keep government records must ensure the integrity and physical security of these resources by protecting them from unauthorized access, modification, destruction, or unauthorized disclosure.

Risks to information and data security include loss of privacy (information read by unauthorized persons), loss of data (corruption or erasure of information), and loss of service (exhaustion of storage space or computational resources, denial of network access). Although outside intruders and computer viruses are the most highly publicized security breaches, many computer security surveys show that the risk of loss, often unintentional, from individuals working inside an organization is much greater.

Every person in your department who has access to government data and records should be informed of and required to abide by a data protection and security policy. Check with your local government attorney to determine if a policy has been developed for your local jurisdiction.

The objectives of a security policy include:

  • Providing an overview of security requirements for the entity
  • Providing baseline criteria for technical practices related to data security
  • Delineating the responsibilities of government employees for data security

Elements of Data Protection and Security

While your local jurisdiction should have guidelines in place for data security, it is incumbent upon managers to know what kinds of data their programs collect, what levels of security the data require, and the methods by which data are protected.

Firewalls

A firewall is a network router or host that enforces security rules at the boundary between two network domains. It is one part of a strategy for protecting an organization's Internet-reachable resources. The main function of a firewall is to centralize access control: if outsiders or remote users can reach the internal networks without going through the firewall, its effectiveness is diminished. Firewalls can provide several types of protection:

  • Blocking unwanted traffic
  • Directing incoming traffic to more trustworthy internal systems
  • Hiding vulnerable systems that cannot easily be secured from the Internet
  • Logging traffic to and from the private network
  • Hiding information like system names, network topology, network device types, and internal user IDs from the Internet
  • Providing stronger authentication than individual applications may be able to provide on their own
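As an added illustration (not from the handbook and not the behaviour of any particular firewall product), the following Python models the access-control core described above: rules are evaluated in order, the first match decides, anything that matches no rule is denied by default, and every drop is logged. The addresses, ports and the policy are constructed for the example.

```python
"""Ordered firewall rules with default deny and a drop log (illustrative model)."""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    src: str      # source IP address
    dst: str      # destination IP address
    dport: int    # destination port
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    src: str = "0.0.0.0/0"        # CIDR; the default matches any source
    dst: str = "0.0.0.0/0"        # CIDR; the default matches any destination
    dport: Optional[int] = None   # None matches any port
    proto: Optional[str] = None   # None matches any protocol

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport)
                and (self.proto is None or self.proto == p.proto))


@dataclass
class Firewall:
    rules: List[Rule]
    log: List[str] = field(default_factory=list)

    def decide(self, p: Packet) -> str:
        """First matching rule wins; a packet that matches nothing is denied and logged."""
        desc = f"{p.proto} {p.src}->{p.dst}:{p.dport}"
        for i, rule in enumerate(self.rules):
            if rule.matches(p):
                if rule.action == "deny":
                    self.log.append(f"DROP rule#{i} {desc}")
                return rule.action
        self.log.append(f"DROP default {desc}")
        return "deny"


# Constructed policy (assumed addresses): internal network 10.20.0.0/16, a
# hardened web server 10.20.5.10 that the Internet may reach on 443, and an
# internal file server 10.20.9.3 that must stay hidden from the Internet.
INTERNAL = "10.20.0.0/16"
WEB_SERVER = "10.20.5.10/32"
POLICY = [
    Rule("allow", dst=WEB_SERVER, dport=443, proto="tcp"),   # only the hardened host is exposed
    Rule("allow", src=INTERNAL, dst=INTERNAL),                # internal systems may talk to each other
    Rule("allow", src=INTERNAL, dport=443, proto="tcp"),      # staff may browse the web
    # anything else, e.g. Internet -> file server, falls through to the default deny
]


def run_demo() -> dict:
    fw = Firewall(POLICY)
    probes = {  # constructed sample traffic
        "internet_to_web":   Packet("198.51.100.7", "10.20.5.10", 443),
        "internet_to_files": Packet("198.51.100.7", "10.20.9.3", 445),
        "staff_to_files":    Packet("10.20.3.44", "10.20.9.3", 445),
        "staff_to_telnet":   Packet("10.20.3.44", "203.0.113.9", 23),
    }
    decisions = {name: fw.decide(p) for name, p in probes.items()}
    decisions["dropped"] = len(fw.log)
    return decisions


if __name__ == "__main__":
    print(run_demo())
```

Rule order matters in this model exactly as it does in real packet filters: a broad allow placed before a narrower deny shadows it, which is why the exposed web server gets its own specific rule and everything else relies on the default deny. The log is what gives the "logging traffic" benefit listed above; the two dropped probes in the demo are the Internet reaching for the file server and an internal host trying outbound telnet.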

Virus Protection

Viruses are a malicious kind of unauthorized software. Unregulated sharing of software, whether it started out as shareware or as a commercial program, is a major means by which viruses spread. The ease of downloading software from the Internet and of receiving an "infected" email attachment is of particular concern.

For virus protection software to work effectively, its virus definition files must be kept up to date, and users must be informed, trained and regularly reminded about how viruses are transmitted and the precautions to take when using email and the Internet.

Encryption

Encryption is essential for protecting private or confidential data, both in storage and in communications. Simple password protection at the file level is often not adequate, as it may easily be broken. Private or confidential data sent over the Internet or carried on portable media (e.g., laptop, disc, flash drive) should be encrypted, and the key or passphrase should never travel with the media.

Access Control and Authentication

Controlling access to data is a critical function of security. Each user's authorization should be limited to the level necessary to perform their job duties and adjusted as those duties change.

There are several approaches to granting and checking authorization. Defining user roles and granting permissions to roles rather than to individuals is a very effective way to maintain and document access control. Because work assignments and personnel change, maintaining access control is an ongoing activity: role assignments and permissions should be reviewed regularly, and access that is no longer needed should be removed.
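The role-based approach above, as an added Python example that is not from the handbook or any real system: permissions belong to roles, users hold roles, a change of duties replaces (rather than adds to) a user's roles so old access does not linger, and a review function lists who currently holds access to "not public" data. The department, role and permission names are assumed for the example.

```python
"""Role-based access control with least privilege and periodic review (illustrative)."""
from typing import Dict, List, Set

# Constructed roles for a county health department; permission names are
# assumed for the example, not drawn from any real system.
ROLES: Dict[str, Set[str]] = {
    "clinic_clerk":   {"clients:read", "appointments:write"},
    "nurse":          {"clients:read", "clients:write", "immunizations:write"},
    "epidemiologist": {"surveillance:read", "surveillance:write"},
    "data_steward":   {"clients:read", "surveillance:read", "exports:write"},
}

# Permissions that touch "not public" data and deserve scrutiny at review time.
SENSITIVE = {"clients:read", "clients:write", "immunizations:write", "exports:write"}


class AccessControl:
    def __init__(self) -> None:
        self.assignments: Dict[str, Set[str]] = {}   # user -> roles held

    def assign(self, user: str, roles: List[str]) -> None:
        """Replace (not add to) a user's roles, so access from old duties does not linger."""
        unknown = set(roles) - set(ROLES)
        if unknown:
            raise ValueError(f"unknown roles: {sorted(unknown)}")
        self.assignments[user] = set(roles)

    def remove(self, user: str) -> None:
        """Departed staff lose every role at once."""
        self.assignments.pop(user, None)

    def permissions(self, user: str) -> Set[str]:
        return set().union(*(ROLES[r] for r in self.assignments.get(user, ())))

    def can(self, user: str, permission: str) -> bool:
        return permission in self.permissions(user)

    def review(self) -> Dict[str, Set[str]]:
        """Who currently holds sensitive permissions: the input to a periodic access review."""
        report: Dict[str, Set[str]] = {}
        for user in self.assignments:
            held = self.permissions(user) & SENSITIVE
            if held:
                report[user] = held
        return report


def run_demo() -> dict:
    ac = AccessControl()
    ac.assign("alice", ["nurse"])
    ac.assign("bob", ["clinic_clerk"])
    ac.assign("carol", ["data_steward"])
    before = ac.can("alice", "clients:write")      # a nurse may update charts
    # Alice transfers to surveillance; clinical access goes away with the old duty.
    ac.assign("alice", ["epidemiologist"])
    after = ac.can("alice", "clients:write")
    ac.remove("bob")                               # Bob has left the department
    return {
        "before": before,
        "after": after,
        "bob_can_read": ac.can("bob", "clients:read"),
        "review": ac.review(),
    }


if __name__ == "__main__":
    print(run_demo())
```

The design choice worth noticing is that `assign` replaces the role set. Systems that only ever add roles accumulate privilege as people move between jobs, which is exactly the drift the regular review is meant to catch; the `review` output is the list a manager would sign off on each cycle.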

Authorized Hardware and Software

Most organizations require a standard set of hardware and software for all employees, to avoid the data security problems that untested hardware and software can introduce.

Remote Access Points and Electronic Communications

With more people carrying out their job functions away from central offices (e.g., telecommuting), some unique security concerns have arisen. Interception of data in transmission is one risk; loss or theft of equipment and the data on it is another, heightened by the use of portable systems. Be sure that your employees are aware of these risks and know what they must do to comply with your local jurisdiction's data security policy.

Disaster Recovery and Backup

Disaster recovery plans are crucial to the operation of information systems. The requirements for developing disaster recovery plans are meant to ensure that adequate information exists and that planning has taken place to enable the continued functioning of the department in case of any disaster. While your systems administrator plans how to keep the electronic equipment functioning, you will need to determine which of your data are most "mission critical," make sure that paper copies are stored properly, and confirm that electronic data are backed up, maintained in a secure location, and can actually be restored from those backups.

User Notification and Training

Training employees in security concepts and practices is one of the most effective means of reducing vulnerability to attack, errors, and fraud. Make sure your employees understand the importance of data security measures and their role in protecting the security and integrity of information.

Data Storage and Protection

Related Chapter: Government Records and Retention

Data Stored on Paper

Most data still starts out as a paper record: a chart or a form filled out, a questionnaire, an application. How paper is handled in your office can have a significant effect on data security. Make sure that everyone in your department understands the following methods of keeping data on paper secure:

  • Keep files that contain "not public" data behind two locks, such as the locked entrance or secured door and a locked file cabinet. This includes systems documentation and data dictionaries defining "not public" data.
  • Put away "not public" data when you leave your desk. This includes documentation and data dictionaries that describe "not public" data.
  • Pick up print outs and faxes that contain "not public" data immediately.
  • Print or copy "not public" data only when necessary and shred copies when they are no longer needed.

Data Stored Electronically

  • Limit your access to data that you need to do your daily work. Work with your systems administrator to define the appropriate level of access for each employee.
  • Limit the number of copies of a data set or partial data set. Ensure that all changes to data sets are documented and made on the appropriate version.
  • Document data so the potential uses and limitations of the data are clear.
  • Use passwords (login, screensaver, and shared calendars).
  • Store files in the appropriate location on network drives so that access to the data will be controlled and the data will be backed up and secure.
  • Use secure file transfer methods.
  • If a laptop is taken out of your department offices, make sure staff knows what files are stored on the laptop and the level of security they must maintain.

Data Disposal

Once an electronic record has been created, a simple "delete" does not actually destroy it: deleting normally removes only the reference to the data, and the data itself remains on the storage medium until it is overwritten. Check with your local systems administrator on the proper and effective ways to sanitize hard drives, floppy discs, and other electronic storage units, as well as printer/typewriter ribbons and other potential "shadow copies" of data.
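One sanitization technique for an individual file, overwriting its contents before unlinking it, as an added Python example that is not from the handbook or any vendor tool. The sample "not public" record is constructed, and the limitations stated in the docstring are the practitioner's caveat: this only helps where an in-place write lands on the same physical blocks, which is not guaranteed on modern media.

```python
"""Overwrite a file in place before unlinking it (illustrative; see the caveats)."""
import os
import secrets
import tempfile


def overwrite_and_delete(path: str, passes: int = 1, chunk: int = 64 * 1024) -> int:
    """Overwrite every byte of the file with random data, force it to disk, then unlink.

    Returns the number of bytes written. Assumed limitation: this is only
    meaningful on media where an in-place write lands on the same physical
    blocks. Journaling and copy-on-write filesystems, SSD wear levelling,
    snapshots, backups and cloud volumes can all retain the old blocks, so
    full-disk encryption or a vendor sanitize/crypto-erase of the whole
    device is the reliable choice; treat this as a stopgap for one file.
    """
    size = os.path.getsize(path)
    written = 0
    with open(path, "r+b") as f:
        for _ in range(passes):
            f.seek(0)
            remaining = size
            while remaining > 0:
                n = min(chunk, remaining)
                f.write(secrets.token_bytes(n))   # random data, not a fixed pattern
                written += n
                remaining -= n
            f.flush()
            os.fsync(f.fileno())   # push the overwrite through the OS cache to the medium
    os.remove(path)
    return written


def demo() -> dict:
    # Constructed sample: a temporary file holding a "not public" record.
    record = b"client_id=10421;name=REDACTED;diagnosis=REDACTED\n" * 100
    fd, path = tempfile.mkstemp(suffix=".csv")
    with os.fdopen(fd, "wb") as f:
        f.write(record)
    written = overwrite_and_delete(path, passes=2)
    return {
        "bytes_written": written,
        "expected": 2 * len(record),
        "still_exists": os.path.exists(path),
    }


if __name__ == "__main__":
    print(demo())
```

The `fsync` matters: without it the overwrite may sit in the page cache while the original blocks are still on disk when the unlink happens. The same reasoning is why a whole-device method should be preferred for retired drives and why printer and typewriter ribbons, which cannot be overwritten at all, must be physically destroyed.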
