Security of information

Security of information relates to how stored information is managed, so that it cannot be viewed, copied or tampered with by unauthorised persons, or lost through carelessness or computer failure.

Case example

Client details from case notes left on your desk have somehow become common knowledge in your small community.  Who is responsible for the leak? It could have been a visitor left alone in your office while you made coffee, the cleaner who has access to your office after hours, or even a family member if you forgot delete the notes you typed up on the home computer.

You then realise that there is one person who is definitely responsible – you, as you did not maintain security of information.

With the widespread use of computer records, and small portable storage devices such as USB drives and memory sticks/flash cards, large amounts of information can now be copied or erased in seconds, so strict policies and procedures are essential to maintain the security of information.

Your organisation will have procedures for the security of information in both computer and paper-based files.

They may relate to:

  • rules about storage, access and disposal of sensitive documents
  • staff identity cards or visitor cards
  • rules for bringing visitors into the workplace
  • passwords and user permissions that restrict access to computer files.

Text version (Word Document 106KB)

Activity

Information security procedures

Section 2 activities (Word Document 79KB)

Last modified: Tuesday, 22 October 2013, 1:41 PM