The article covers the issues sensitive information management which relates to the business operations. Universities have been studied as the establishments which have the challenge of not managing academic and administrative sensitive information, but also time the personal information of both employees and students. Youngstown State University has been studied and the University’s best practices in managing sensitive information by controlling it have been analyzed. It has been stated that management of sensitive information is not the only practice. There exist different state and local regulations and federal statutes (Family Educational Rights and Privacy Act (FERPA), the Gramm-Leach-Bliley Act (GLBA), Federal Trade Commission Act and others) which may be successfully implemented. As Universities are a commercial organization, the author suggests handling credit card transactions which should comply with the Security Standard of Payment Card Industry Data.
It has been concluded that the program of sensitive information has made progress at Youngstown State University. It is strongly recommended to the organizations which are early in their maturity process to manage their sensitive information and adopt one of the available methodologies, rather than create a new process themselves. Youngstown State University has chosen the FTC program because it offers various printed training materials and an online training program.
The article presents a framework which allows approaching the management of personal and professional sensitive information taking into account the unique requirements of higher education. An extensive literature review provides approaches which are available to help manage sensitive information on campus. It will help to grasp the discussed problems and will be of great use to the students who investigate the related issues.