Chapter 4: Protecting and Securing Information
Anchor: #i999954Section 1: Disposition and Security of Information
Anchor: #i999959Overview
Information is more accessible with the advancement of technology. Today, data resides on different application platforms, websites, and cloud servers, making the protection of that information more critical to maintain confidentiality and privacy. Information is created with every keystroke, click, swipe, voice, and video recording. It is critical to maintain confidentiality and privacy to protect from data breach, stolen identities, loss of privacy and property. For state agencies, data breaches can be costly, time-consuming and result in exposure of confidential information. For TxDOT, data breaches can result in loss of confidential or valuable information.
Anchor: #i999969Disposition of Information
When data is kept longer than required TxDOT incurs unnecessary budget to store, maintain and protect the integrity of the data and associated records in storage systems. When data is kept permanently, the agency risks access to sensitive data by non-authorized parties which may result in the loss of confidential or valuable information, as well as not following TxDOT records retention. Therefore, disposition of information is important.
The process of disposition in when an official record is destroyed or transferred to Texas State Library and Archives Commission – State Archives. Dispositioning data in the ordinary course of business is a cost benefit, as well as a way of protecting and securing records for the agency and the public.
For more information on the disposition process at TxDOT, refer to Chapter 10 “Inactive Records” and Chapter 11 “Archiving and Destroying Records”.
Anchor: #i999989Information Security
Texas State Library and Archives Commission and Texas Department of Information Resources provides rules and guidelines for state agencies to use for the protection of confidential information. Refer to the following for additional information:
- Anchor: #OIWEUCTE
- Records Management State Agency Laws and Rules - Section 6.97(b) of Bulletin 1, “Electronic Records Standards and Procedures” requests all electronic records scheduled for disposition are securely disposed of in a manner that ensures protection of confidential information. Anchor: #NXSQJXLV
- Records Management State Agency Laws and Rules - Section 6.97(c) of Bulletin 1, “Electronic Records Standards and Procedures” requires state agencies to establish and implement procedures that address the disposition of electronic official records by staff in accordance with the Records Retention Schedule. Anchor: #MIIWVRMA
- Texas Department of Information Resources “ Data Classification and Management Policy” is a framework for properly classifying and managing data assets.
Disposing of information in accordance with the Records Retention Schedule will reduce the volume of records in the storage systems, therefore reduce risk, create space, and free valuable resources by eliminating non-valuable records so systems can be used to provide timely access to official records.