Digital Cleanup Program
This program is a 3-day annual effort to identify and remove sensitive data or data that is no longer necessary.
- Identify sensitive or confidential data
- Remove, redact, or report sensitive or confidential data
- Remove unnecessary old and large files from network drives
- Review Junk Email folders and Email Archive policies
Day 1: Identify Sensitive Data
Identity Finder is software that can find — and, after review, delete — sensitive personal information, such as Social Security numbers and credit card information, that is stored on a personal computer/file share.
Day 2: Remove Sensitive Data
After searching for sensitive data with Identity Finder, the data will need to be reviewed to determine whether the file can be deleted, redacted, or reported.
- Please visit our Identity Finder Guide to learn how to review the results of a search.
- Please visit this guide to learn more about what data you can delete and keep.
Day 3: Remove Unnecessary Files & Review Email Policies
Remove Unneeded Files
Many emails and files are saved and forgotten. Data that is no longer needed takes up valuable server storage space, backup disks, and may pose a security risk.
- Please use this guide to learn how to review files on your U: drive and remove all the data that you no longer need.
Review Junk Email and Automatic Archive Policies
In Outlook 2010 and newer, Microsoft automatically archives messages that are older than 2 years. Archived messages are still searchable and easily accessible as long as you are connected to the Internet.
Now is also a good time to review your Junk Email folder. Though there is a general spam filter in place for email, Outlook will also mark certain messages as “Junk” and move it to your “Junk Email” folder.
Once you have completed all components of the digital cleanup program, please fill out this survey.
Why is this important?
One prominent area of risk is threats to confidential, personal or proprietary data that could cause significant harm to individuals or to Penn if compromised. Federal and state laws, industry practices, and principles of data stewardship have all driven home the fact that individuals who create, use, or maintain Confidential University Data are responsible for adequate protection of that data.
Please ask yourself two questions while examining our storage systems (both in paper, and on our computers).
1.) If I won the lottery and never returned to work, would my successor understand my filing and directories systems and actually need the info I’m keeping there?
2.) Is it necessary I keep this for business purposes?
The Best Way To Protect Data Is To Not Have It
While much data at Penn is necessary to our every day operations and to serving our mission, there is a lot of data in offices and computer systems that is no longer needed nor required to be kept. This unnecessary data should be destroyed to protect the individuals whose data is in these files and to protect Penn.
- Please see this guide to learn more about what data to delete and what data to keep.
- If you need to keep sensitive data for your work, please report it here.
Review Penn Policies
We have gathered together an Overview of Penn’s Security & Privacy Policies. Please take a look and keep up to date on these resources, but here are some policies relevant to the cleanup program: