University Policy 13.12 (Policy on Use of Social Security Numbers) governs the use of social security numbers on campus. It includes provisions restricting the use or social security numbers to approved uses only. See the policy for full details, but in most cases social security numbers may not be stored on computers without explicit permission.
The storage of credit card numbers is regulated by the Payment Card Industry Data Security Standard (PCI DSS). This standard sets strict security requirements for storage of credit card numbers and other credit card data. Being in non-compliance of the PCI DSS can result in heavy fines and even a loss of the ability to accept credit cards. Virtually no systems at UNI may have credit card numbers stored on them. There are only a handful of special computers allowed to process credit card payments on-campus.
Identity Finder is an application purchased by the University to assist in the removal of personally identifiable information (PII) from computers. Identity Finder should be run monthly on most University-owned computers to help ensure that PII is removed. PII includes information such as social security numbers, credit card numbers, and bank account numbers.
Identity Finder can be customized to various departmental needs. UNI computer administrators looking to deploy Identity Finder to their machines should contact Eric Lukens (firstname.lastname@example.org or 3-7434) to determine if a customized version would be appropriate for their area and to obtain a copy of the software.
Additionally, Identity Finder provides a limited-functionality version of their software that may be used on personally-owned computers for free. Visit the Identity Finder website for more information.