Keep Confidential Data Secure

Understanding how to keep confidential data secure is an important part of technology security. The information below has been simplified somewhat so that it is easier to understand as an introduction to these issues.

Federal and state laws and University policy indicate that

Confidential data must be stored, delivered, and removed securely.

but this is much easier said than done.

Information security:

  • is a very complicated topic—administratively, politically, socially, and economically.
  • is a moving target—there are new vulnerabilities, new exploits, new technologies, and new claims of security every year.
  • has best practices that can change over time.
  • is implemented differently from organization to organization.

These issues are very complicated but also very important for you to understand.

When you haven't been assured that confidential data is being stored, delivered, or removed securely, ask questions.

We encourage you to ask questions of your co-workers and your information technology providers not just now at UCSF but also throughout your entire career as a health care professional.

Why bother?

Protecting confidential data is important and in your best interest because:

  1. It’s ethical: Patients and research participants usually don’t want your data about them shared with anyone in a way that associates names or personal identifiers with specific data.
  2. It’s less expensive: You can be held personally liable for fines of up to US$250,000 per violation.
  3. It’s less trouble:

    1. Would you want a misdemeanor to appear on the criminal background check required for your next job?
    2. Would you want the licensing board to be notified of your recent failure to protect confidential data?
    3. Are you prepared to spend years in prison?

Once again:

Confidential data must be stored, delivered, and removed securely.

Stored securely

  1. For computers, tablets, and smartphones: All devices must meet UCSF minimum security standards, including device encryption. For mobile devices, see Recommendations for Securing Mobile Devices.

  2. For USB drives and other portable storage devices, see the examples at Recommended Security Products or create an encrypted volume in which you can store confidential data. On Macs, use Disk Utility. On Windows, use the encryption software provided by UCSF.
  3. The backup of your data must be stored securely as well, ideally encrypted. If you're not sure if it is, ask the provider of your backup solution.

Delivered securely

  1. screenshot
    Never send unencrypted confidential data in email—regular email is not secure. To send messages securely from your UCSF email account, add Secure: (Secure colon space) to the beginning of your subject line. This tells the system to deliver your message in a secure manner involving encryption. (This feature is specific to UCSF email and does not work when you send mail from other mail services. Also, this feature is not compatible with LISTSERV mailing lists—don’t use this feature with messages to LISTSERV addresses.)
  2. Double-check that your addressee is the correct person and that the address is spelled correctly.

  3. Don’t forward your UCSF email—Don’t use Gmail or any other external email service to check your UCSF email. Don’t forward your UCSF email to any outside mail service. If a colleague of yours happens to send unencrypted confidential data to your UCSF email account, checking or forwarding email in this manner exposes that confidential data to parties not authorized to have access to that data. Details: Using an External E-mail Account.
  4. When using mobile devices—Checking UCSF email on mobile devices is riskier than on non-mobile devices because they are more easily lost and stolen. You cannot predict when a colleague might send unencrypted confidential data to your email account, and you cannot predict when your phone will be lost or stolen.

    1. Safest: Avoid doing so if you can—this is the safest action to take.
    2. Almost certainly safe: Use the device’s web browser to check UCSF email at Webmail will always connect securely.
    3. Somewhat safe: Download messages to your device using methods described on UCSF web pages.
    4. Unsafe: Any checking of UCSF email on mobile devices in scenarios other than described above is considered unsafe.

Removed securely

On nearly all devices, deleting something doesn’t erase the data by default; it only updates a storage allocation table to mark that space as available. The data appear to have been deleted, but someone with the right access, knowledge, and tools can recover the data, sometimes very easily.

Follow instructions provided by the manufacturer to restore the operating system to its initial state. For example:

If the device no longer operates normally, it should be securely destroyed. See Secure destruction below.

Secure destruction

Don’t attempt to destroy equipment yourself since:

How to securely destroy confidential data:

Faculty and staff

  • The Office of Sustainability offers regular e-waste recycling events that are advertised via e-mail announcements and posters. You can dispose of devices containing confidential data at these events, and they will be destroyed securely. See Upcoming Events or contact them at [email protected].
  • Our Data Center Operations team accepts many devices and securely destroys them at no cost to the UCSF community. You just need to deliver them in person. See Drive, Tape, and Data Destruction.


Use a service provider focused on secure disposal of equipment such as:

Related info


Contact your program’s administration office or contact Information Technology.

Go to: Technology Security