Sensitive Data Protection Initiative (SDPI)

Through the Sensitive Data Protection Initiative and these policies, we will increase awareness of this issue and reduce or eliminate our use of sensitive data across the campus, thereby protecting the privacy of the individuals who have entrusted us with their personal, sensitive information and reducing their risk of having their identity stolen.

-- Provost Mark Nook (April 2009)

The Sensitive Data Protection Initiative is a campus-wide initiative to protect highly sensitive university data through a combination of projects, technology, and cooperation. Previous work to secure sensitive data concentrated on servers, network security, and awareness. While this is crucial for overall security, a similar effort was needed to focus on business practices and how sensitive data was being used. SDPI is the name we have given to this effort.

The overall objective of SDPI is to protect or eliminate the use of High Risk sensitive data across campus, thereby reducing the risk of unintended disclosures and subsequent damaging effects to individuals and the institution. The directive to accomplish this is not just to meet our legal requirements. It is our obligation to protect an individual's data (such as SSN) from current threats like identity theft or stolen bank account information.


Campus policies define High Risk data and outline employee responsibilities for protecting it.  Revisions to business practices make it easier to protect sensitive data.  For an overview of the policies and current projects under the SDPI umbrella read our key areas page.

Employees are being asked to scan their computers for High Risk data using software called Identity Finder.  For information on how to use Identity Finder, click here.