Removal of Security Sensitive Data

Occasionally, security sensitive data is erroneously linked in the Notes and Attachment area of an electronic document (eDoc) within UAccess Financials. This data is required to meet the needs of the University, but must be removed and relocated to an approved PII compliant secure location and viewable only by limited personnel for the sole purpose of meeting the financial needs of the University of Arizona.

Security sensitive data is identified by the Information Security Office. Banking information, social security data, and full credit card details are the most common examples. To ensure compliance with regulatory data the process below is required to properly remove the data from the Notes and Attachment area to the secure "images tab" within the eDoc or a secure location in Accounts Payable.

Follow these steps to ensure the security of regulated data to the highest standard:

  1. Review the notes on the line identified. If the information in the "note" is required for the audit trail, copy and paste this information into a new note and click Add. Add a new note indicating which line of the eDoc requires removal. Click Add.
  2. Adhoc route for Approval, Acknowledgement or FYI depending on status of eDoc to the following UAccess Financials Group: Group 1057325 UA FSO Attachment Removal
    Please note:  The entire line and attachment will be removed.
  3. After Adhoc routing to this group no further action is required. Accounts Payable will remove the attachment, place in the images tab or a secure location, and add a note indicating action was taken.
  4. Accounts Payable will Adhoc route the eDoc as FYI to the FSO Attachment Compliance group to actually remove the line details and attachment as indicated in the notes section. This process establishes segregation of duties and an audit trail of activity on the eDoc.

Please contact Accounts Payable at 621-9097 or accts_pay@fso.arizona.edu if you need additional assistance.