Making the wrong choices when storing or sharing sensitive data can lead to data losses and leaks, resulting in serious repercussions for you and for Imperial College London.

It is vital that sensitive information is adequately protected.

What is sensitive information?

This kind of data is considered sensitive and should be encrypted:

  • commercially sensitive administrative or planning data;
  • commercially sensitive research data;
  • personal data covered by the Data Protection Act (read Data Protection);
  • personal financial data (read our Data Loss Prevention practices);
  • Patient Identifiable Data held for research purposes (see below for guidance);
  • data protected by confidentiality agreements with third parties.

Store and share sensitive data

There are many options available to help you store and share sensitive information securely and to encrypt your data.

Data Loss Prevention

Data Loss Prevention

Sensitive data as defined by College policy needs to be protected from accidental disclosure. Data Loss Prevention helps Imperial College achieve this by checking for sensitive data included in email and Sharepoint Online, when shared externally.

What type of data is being monitored? 
TypeExample
 Uk Financial  Credit Card Numbers
   EU Debit Card Number
   SWIFT Code
 
Summary of the table's contents

If you do include any of the above sensitive information in your email or work and attempt to send it outside of the College network, you will receive the below message:

 Data loss prevention warning

At this stage, this message is just a warning and no further action is required, your email will be sent as normal. 

If you think you have recieved the above messgae in error, please contact the ICT Service Desk who will investigate further.