Disaster Recovery Planning Template

Sensitive Information Policy

Version History

Sensitive Information Policy Version History - This policy applies to the entire enterprise, its vendors, its suppliers (including outsourcers), co-location providers, and facilities regardless of the methods used to store and retrieve sensitive information (e.g. online processing, outsourced to a third party, Internet, Intranet or swipe terminals).

Version 3.4

  • Updated to reflect latest compliance requirements'
  • Updated to reflect lessons learned from recent business disruption events and known security breaches
  • Included US government security classification system definition
  • Added ePub (eReader) format to standard offering

Version 3.3

  • Updated electronic forms
  • Added section on best practices for sensitive information text messaging

Version 3.2

  • Added user/customer sensitive information and privacy Bill of Rights

Version 3.1

  • Added an overview section to the policy including a definition of what sensitive information is.
  • Updated electronic form
  • Updated to meet latest mandated requirements

Version 3.0

  • Added privacy guidelines section
  • Added MS WORD electronic version of the Sensitive Information Policy Compliance Agreement
  • Updated to comply with new mandated requirements
  • .docx and .pdf formats support enhanced

Version 2.4

  • Updated to comply with Gramm-Leach-Bliley
  • Updated to comply with Massachusetts and California requirements

Version 2.3

  • Updated General Policy Statement to Include references to PCI and HIPAA Requirements

Version 2.2

  • Updated to CSS Style sheet
  • Modified to comply with Record Management, Retention, and Destruction Policy
  • Update Email record retention compliance requirements

Version 2.1

  • Payment Card Industry Data Security Standard (PCI DSS) Added
  • Best Practices Added
  • Wireless and VPN Added
  • Added as a separate document PCI DSS Audit Program (extracted from PCI standards documentation with modifications)

Version 2.0

  • HIPAA Audit Program Added
  • Office 2007 version Added
Sensitive Information PolicyOrder Sensitive Information PolicyDownload Selected Pages Read on Sensitive Information Policy