Sensitive Information Policy - Privacy

Sensitive Information Policy

Version History of the Sensitive Information Policy

Sensitive Information Policy Version History - This policy applies to the entire enterprise, its vendors, its suppliers (including outsourcers), co-location providers, and facilities regardless of the methods used to store and retrieve sensitive information (e.g. online processing, outsourced to a third party, Internet, Intranet or swipe terminals).

This offering is significantly impacted by mandated security and privacy requirements like GDPR (General Data Protection Regulation) and the CCPA (California Privacy Act). As privacy requirements are added, we will update this offering and all supporting policies / templates to be in full compliance.

Users should also look at the Security Manaual Template and the Security Vulnerability Analysis Tool which is not included as part of Janco’s Security Manual Template. Firewalls have become ubiquitous across enterprises over the past decade, but the combination of new and varied access methods combined with increasingly sophisticated attacks has forced network operators and security professionals to constantly evaluate their defenses. When deploying a next-generation firewall there are many  factors to consider.

Version 3.4

  • Updated to reflect latest compliance requirements'
  • Updated to reflect lessons learned from recent business disruption events and known security breaches
  • Included US government security classification system definition
  • Added ePub (eReader) format to standard offering

Version 3.3

  • Updated electronic forms
  • Added section on best practices for sensitive information text messaging

Version 3.2

  • Added user/customer sensitive information and privacy Bill of Rights

Version 3.1

  • Added an overview section to the policy including a definition of what sensitive information is.
  • Updated electronic form
  • Updated to meet latest mandated requirements

Version 3.0

  • Added privacy guidelines section
  • Added MS WORD electronic version of the Sensitive Information Policy Compliance Agreement
  • Updated to comply with new mandated requirements
  • .docx and .pdf formats support enhanced

Version 2.4

  • Updated to comply with Gramm-Leach-Bliley
  • Updated to comply with Massachusetts and California requirements

Version 2.3

  • Updated General Policy Statement to Include references to PCI and HIPAA Requirements

Version 2.2

  • Updated to CSS Style sheet
  • Modified to comply with Record Classification, Management, Retention, and Destruction policy
  • Update Email record retention compliance requirements

Version 2.1

  • Payment Card Industry Data Security Standard (PCI DSS) Added
  • Best Practices Added
  • Wireless and VPN Added
  • Added as a separate document PCI DSS Audit Program (extracted from PCI standards documentation with modifications)

Version 2.0

  • HIPAA Audit Program Added
  • Office 2007 version Added

Read on Sensitive Information Policy  Order Sensitive Information Policy  Download Selected Pages