We are an iSeries DB2, 9.2 apps and 9.2.2.4 tools shop. I am curious to find out how others are managing their risks with PII data. Our internal standards are:
• PII Data is encrypted at rest and in-transit.
• PII Data is not used for any purpose other than the original purpose.
• Access to PII data is restricted to "Need to Use".
• PII Data is promptly purged after the original purpose has been met.
• PII Data is not copied or replicated (other than for HA and DR), which means EXCLUDED from moving into BI.
• PII Data is not copied to non-production environments.
The encryption and DON'T COPY requirements seem to be the biggest concern.
I would like to hear how others are accomplishing this.

@steve-dollard A few things we do off the top of my head:
- Role based security
- Application security on running P0030A Bank Accounts by Address (and only one role can add/change/delete)
- Column security to restrict viewing bank account/bank transit fields on F0030
- Column security to restrict viewing Tax ID in F0101/W03013B/W04012A
- Do not copy F0030 records to data warehouse
- Do not copy Tax ID for individuals to data warehouse
- After copying data to non-production environments, we run a set of SQL updates to remove individuals' bank accounts and tax IDs
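The reply's post-refresh scrub (SQL updates that remove individuals' bank accounts and tax IDs from non-production copies) could look like the following. This is an added example, not the poster's actual script. It assumes a non-production data library named TESTDTA, that individuals are flagged with Person/Corporation Code `ABTAXC = 'P'`, and the standard JDE column names ABTAX/ABTX2 (tax IDs) and AYAN8 (address number); adjust all of these to your installation.

```sql
-- Added example: scrub individuals' PII after a refresh into NON-PRODUCTION.
-- Assumptions (not from the thread): library TESTDTA, individuals identified
-- by F0101.ABTAXC = 'P', tax IDs stored in ABTAX and ABTX2.
-- Every statement is schema-qualified so it cannot fall through to a
-- production library via the job's library list.

-- 1. Remove bank account records (F0030) that belong to individuals.
--    Run this before step 2 only by convention; the filter column ABTAXC
--    is not modified by the scrub, so the order is not significant.
DELETE FROM TESTDTA.F0030 b
 WHERE EXISTS (SELECT 1
                 FROM TESTDTA.F0101 a
                WHERE a.ABAN8  = b.AYAN8
                  AND a.ABTAXC = 'P');

-- 2. Blank the tax IDs of individuals in the Address Book master (F0101).
--    JDE character columns hold blanks rather than NULLs.
UPDATE TESTDTA.F0101
   SET ABTAX = ' ',
       ABTX2 = ' '
 WHERE ABTAXC = 'P';

-- 3. Verification: both counts must be 0 before the environment is
--    released to users. Keep the output as evidence for audit.
SELECT 'F0030 rows for individuals' AS CHECK_NAME, COUNT(*) AS REMAINING
  FROM TESTDTA.F0030 b
 WHERE EXISTS (SELECT 1
                 FROM TESTDTA.F0101 a
                WHERE a.ABAN8  = b.AYAN8
                  AND a.ABTAXC = 'P')
UNION ALL
SELECT 'F0101 tax IDs for individuals', COUNT(*)
  FROM TESTDTA.F0101
 WHERE ABTAXC = 'P'
   AND (ABTAX <> ' ' OR ABTX2 <> ' ');
```

Address book records whose Person/Corporation Code is blank or wrong are not caught by this filter, so the scrub is only as reliable as that field's data quality.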