Privacy Tips

Dumpster diving is when someone raids dumpsters to find things that are still useful, can be recycled, and have value. In the age of electronic identity theft, it’s surprising that paper records are still extremely vulnerable. But, thieves are digging into dumpsters to find information, usually found on paper records, that they can use to steal personally identifiable information (PII) and protected health information (PHI). Personal identity theft and medical identity theft have become a lucrative business for criminals. 

In our jobs, we need to be very careful what we put in trash cans and recycling bins. Here are a few things to remember:

• Separate the documents and objects that contain personal information from the rest of your trash. Make the items unreadable by fraudsters. (Shredding, for example.)

• Know and follow any data retention policies established by your department. These policies will inform you on how long various types of data must be kept. 

• Follow the established departmental procedures for securely destroying data. There will be separate procedures for paper and electronic records. 

• If you are unsure how to comply with retention and destruction requirements, ask your Privacy Officer.

You should never just throw paperwork away when it could contain private data. It is very important to make sure that both electronic and paper data containing PII is properly disposed of to prevent unauthorized disclosure and use.

Note: Your agency/bureau/department/division may have specific requirements – always check your policies and procedures. If you have questions, contact your Privacy Officer.