Protecting Personal Information at UBC

Last updated: June 30, 2025
Protecting Personal Information at UBC

Faculty and staff at UBC play a crucial role in safeguarding personal information. This information, which can include student grades, employee social insurance numbers, and health data, deserves robust protection from unauthorized access, disclosure, or loss.

Why is it Important to Keep Personal Information Safe?

Personal information in the wrong hands can lead to identity theft, financial fraud, and reputational damage. By taking steps to secure this data, we protect not only ourselves and our colleagues but also the individuals whose information we handle.

How Can I Help Protect Personal Information?

Here are some key practices to adopt:

  • Encrypt Your Devices: Strong encryption scrambles data on your computer and mobile devices, making it unreadable to anyone without the decryption key. Learn more about encrypting your devices at How to Encrypt Your Devices.
  • Use Secure File Sharing: When sharing files containing personal information, utilize UBC-approved services like TeamShare or OneDrive. These services offer secure storage and access controls. Find more information on UBC file-sharing services.
  • Minimize Data Retention: Don't store personal information longer than necessary. Regularly review and delete files you no longer need.

Protecting Personal Information in the Office:

  • Building Strong Passwords:
    • Enforce complex passwords with at least eight characters, including upper and lowercase letters, numbers, and symbols.
    • Consider using passphrases (minimum 16 characters) for enhanced security.
    • Never use work passwords for personal accounts.
  • Downloading and Storing Wisely:
    • Download only the minimum amount of personal information (PI) required for your work.
    • Clean data to remove unnecessary information before storing it securely.
    • Utilize encrypted network folders and avoid storing PI on local machines or unencrypted devices.
  • Sharing with Caution:
    • Adhere to the principle of "least privilege." Share only the essential PI with authorized individuals.
    • Leverage secure channels like network folders for information sharing.
    • Never send high-risk information like Social Insurance Numbers or health data via email. If email is unavoidable, encrypt the attachments.
  • Retention and Disposal:
    • Retain PI only for the period dictated by business needs.
    • Before transferring, selling, or discarding a device, ensure all PI is securely removed.

Go Further...

  • Article

Privacy Matters @ UBC

Safety & Risk Services | 2389 Health Sciences Mall
University Counsel | 6328 Memorial Road,
UBC Cybersecurity | 6356 Agricultural Road
E-mail privacy.matters@ubc.ca

UBC Crest The official logo of the University of British Columbia. Urgent Message An exclamation mark in a speech bubble. Caret An arrowhead indicating direction. Arrow An arrow indicating direction. Arrow in Circle An arrow indicating direction. Arrow in Circle An arrow indicating direction. Chats Two speech clouds. Facebook The logo for the Facebook social media service. Information The letter 'i' in a circle. Instagram The logo for the Instagram social media service. Linkedin The logo for the LinkedIn social media service. Location Pin A map location pin. Mail An envelope. Menu Three horizontal lines indicating a menu. Minus A minus sign. Telephone An antique telephone. Plus A plus symbol indicating more or the ability to add. Search A magnifying glass. Twitter The logo for the Twitter social media service. Youtube The logo for the YouTube video sharing service. Bell Warning