When storing sensitive data, it is important to assess the risk that collecting sensitive information may pose. Whether you are making changes to what's collected, how the data is used, or to the system that collects the data, it is important that assessments are performed by those collecting the data. This applies not only to CivicPlus (The Data Custodian) but most importantly to you (The Data Owner).
Personally Identifiable Information (PII) Confidentiality Safeguards
The safeguards put in place cover operational, privacy-specific, technical, and physical security controls. While the Data Custodian (CivicPlus) is responsible for most of the physical and technical controls, it is important that a Privacy Impact Assessment (PIA) is performed to assess and mitigate risk.
- Operational Safeguards
  - Policy and Procedures
  - Security Training and Awareness
- Privacy-Specific Safeguards
  - Conducting Privacy Impact Assessments
  - Minimize the Use, Collection, and Retention of PII
- Technical and Physical Safeguards
  - CivicPlus security controls are based on the National Institute of Standards and Technology (NIST) Special Publication 800-53 Rev 5 Security and Privacy Controls for Information Systems and Organizations.
  - Data is stored in Azure (FedRAMP, NIST, and FIPS Compliant Databases).
  - Data is encrypted in transit and at rest (see encryption standards below).
  - AES 256: The effective standard for the Federal Government established by the National Institute of Standards and Technology (NIST). It is highly performant and requires few resources.
  - Encryption Key Management: Using Azure Key Vault ensures that we can securely store the encryption keys and limit access to the keys. Azure Key Vault uses FIPS 140-2 Level 2 validated hardware security modules (HSMs).
  - For the HCMS, there is 1 encryption key per HCMS app, and that encryption key is stored in a separate key vault, apart from the encrypted items.
  - We also encrypt portions of the encryption access logs including IP addresses.
  - Data: Data and files uploaded will be encrypted in transit and at rest.