Dealing with Sensitive and Highly Sensitive Information
The University Archives naturally and necessarily holds and works with confidential, sensitive and highly sensitive University records. The University Archivist grants and restricts access to such records according to the procedures described in the Archives Access Policy. Archival records are generally closed to researchers until 72 years after their date of creation. Only records that are intended for public distribution, such as University publications, are available to outside researchers immediately and without restriction.
The presence of sensitive or highly sensitive information in University records does not preclude the need to manage those records in accordance with established records retention schedules. Records retention schedules authorize and require offices to routinely destroy certain University records and to transfer other University records to the Archives. Any records containing full payment card numbers or Social Security numbers, however, must be given special consideration before they are transferred to the Archives.
Payment Card Numbers
Payment cards include credit cards, debit cards, and charge cards issued by a financial institution. In accordance with the University of Notre Dame Payment Card Policy and with the Payment Card Industry Data Security Standard (PCI DSS), University offices must limit storage of cardholder data to the minimum amount and time required for administrative and legal purposes. Appropriate retention practices are reflected in general and office-specific records retention schedules.
The University Archives does not accept records that contain full payment card account numbers. Before transferring records to the Archives, an office must first redact all payment card numbers to not more than the first 6 and/or last 4 digits. No exceptions will be granted.
Please review the University's Payment Card Data Handling Procedures to ensure proper storage and disposal of cardholder data within your office. More information is available from the Notre Dame Credit Card Support Program.
Social Security Numbers
Offices that must collect or maintain Social Security numbers (SSNs) in active records (records that are currently in use and regularly consulted) should work with the University's OIT SSN Remediation Team to analyze business processes and develop a remediation plan. Please refer to the SSN Remediation Quick Reference Guide for guidance on safe storage of sensitive electronic data, secure removal of data from USB drives, and additional remediation tips.
Records retention schedules indicate which inactive records (records that are no longer regularly used) should be destroyed and which should be transferred to the Archives. Please refer to general and office-specific schedules to ensure the proper and timely transfer or destruction of University records that contain SSNs.
Destroy inactive records that contain SSNs by utilizing the University's Shredding Program and Information Security services. Records with SSNs must be securely stored in accordance with the University's Highly Sensitive Information Handling Standard until they are destroyed in a secure and confidential manner.
Consult with the Archives if you are preparing to transfer records that contain SSNs. Some records may require SSN remediation prior to transfer. On certain records, however, SSNs can provide essential information that should not be altered. Email firstname.lastname@example.org to discuss the transfer before taking irreversible action. If remediation is necessary, it is the responsibility of the office of origin to perform the remediation prior to transfer. If remediation is not necessary, the office of origin must clearly identify the records that contain full SSNs.
This page was last updated August 28, 2013