Data Privacy and You

January 28 is International Data Privacy Day. Do you know how to protect your data?

DPD-website-banner2-croppedThe operations of the Faculty of Medicine depend on its ability to move information from place to place. Whether it’s producing a student evaluation, partnering with another institution for medical research, or coordinating a new employees’ direct deposit, we move and store information electronically as a day-to-day activity.

Yet, the information, or data, we send electronically can make us vulnerable to online attacks. International Data Privacy Day, held every year on January 28, reminds us to think carefully about how to protect our personal information and the personal information of others. As faculty and staff of a university, we not only need to be conscious of protecting our own information, but also act as stewards for the information trusted to us.


Data stored on Faculty of Medicine computers and servers includes personal information, like staff and student addresses, grades, evaluations, and payroll information. Under The Freedom of Information and Protection of Privacy Act (FIPPA), it is our legal responsibility to ensure that we protect this information as best we can.

FIPPA serves to make public bodies more accountable and to protect privacy. Under FIPPA, UBC and other public bodies are responsible for the safeguarding of personal information trusted to them. Personal information can include biographical, financial, educational, and employment information. Information stored electronically is especially vulnerable to loss or misuse, which is why it is important to be aware of safe data privacy practices.

Actions you can take:

  • Create strong passwords. Use eight characters or more and create different passwords for each system you use.  Change your passwords every three months for maximum security. Take a look at the “Passwords” page on the MedIT Service Catalogue for tips on how to create an effective password and instructions to reset your Faculty of Medicine password.
  • Be wary of phishing attempts. Phishing emails attempt to trick recipients into providing personal or financial information for the purpose of committing fraud. Be suspicious of emails that ask for personal or financial information, or ask you to click a link to access or verify your account. Learn more about phishing from UBC’s Information Security Office.
  • Use anti-virus software. All Faculty of Medicine computers are installed with the Sophos Enterprise Security Suite to protect your data and systems from viruses, spyware and adware, rootkits and suspicious files and behavior. It is provided free to all UBC faculty, students and staff at Vancouver and Okanagan campuses.
  • Be conscious of where information is stored. The smaller an electronic device is, the more likely it is to be lost or stolen. Familiarize yourself with encryption requirements and methods for mobile devices. Additionally, under FIPPA, personal information may not be stored or accessed outside of Canada. This means that we have to be careful about the information that is put into “cloud computing” applications such as Google Docs or Dropbox. It is safest to utilize resources provided by the Faculty of Medicine (i.e. MedNet, FASMail, MEDICOL) to ensure information is stored in Canada.

There are many other measures that you can take to protect your own personal information and the information that you act as a steward for. Access the resources listed below to learn more. If you have any questions about the actions listed above, please contact the MedIT Service Desk.

Additional Resources