Data Privacy
take control of your data
Data Privacy: Take control of your data
Data Privacy Week began as Data Privacy Day in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. The National Cybersecurity Alliance (NCA), the nation's leading nonprofit, public-private partnership promotes cybersecurity and privacy education and awareness.
Your online activity creates a treasure trove of data. This data ranges from your interests and purchases to your online behaviors, and it is collected by websites, apps, devices, services and companies all around the globe.
Your data is valuable! You can help manage your data privacy with a few repeatable behaviors. Find more information and resources here.
Quick Links
Get Smart About Data Privacy
Get Smart About Data Privacy
Privacy Starts With Us: Colorado State Employees Gear Up to Champion Privacy
Data Privacy Week, taking place January 27–31, 2025, is a yearly initiative dedicated to raising awareness about the importance of personal data protection. Celebrated worldwide in the final week of January, it aims to educate individuals and organizations about their data rights, emphasize the need for secure information management, and promote responsible data practices.
As State of Colorado employees, we manage sensitive information every day. We are entrusted by citizens who depend on us to protect it. Data privacy is a shared responsibility, not just an IT concern. Whether accessing records, handling documents, or using email, we all play a critical role in safeguarding information. Beyond compliance and policies, it’s about protecting the people we serve, preserving public trust, and supporting the values and systems that keep Colorado strong and effective.
Data privacy focuses on the right to safeguard personal information in the digital world. So what are some of the different types of protected data?
Personally Identifiable Information (PII) includes any information that can identify an individual, such as names, Social Security numbers, addresses, phone numbers, or driver’s license numbers.
Protected Health Information (PHI) includes medical records, insurance details, and any health-related data tied to an individual’s identity.
Federal Tax Information (FTI) includes Social Security numbers, earnings, wages, payments from retirement income, filing status, tax refunds, and any other information on federal tax returns.
Criminal Justice Information (CJIS) includes sensitive information about criminal activity, investigations, and individuals involved in the criminal justice system.
Family Educational Rights and Privacy Act (FERPA) is a federal law that protects the privacy of students' education records. FERPA applies to public and private schools, as well as state and local education agencies that receive federal funds.
Financial information includes payment card data, bank account numbers, tax information, or any information related to financial transactions.
42 CFR Part 2 includes any information about a patient’s substance use disorder treatment.
How We Can Protect Our Data
Be Able to Recognize and Report Phishing Emails: Use Gmail’s PhishAlarm button to Report a Suspicious Email.
Report Suspected Breaches: Notify the Service Desk immediately if you suspect a data breach or accidental exposure.
Think Before You Share: Verify requests for sensitive data and share only with authorized parties.
Secure Your Workstations: Lock your devices when away from your desk and avoid using unfamiliar or public Wi-Fi to access sensitive information without being on the GlobalProtect VPN. A VPN creates a secure, encrypted connection between your device and the Internet. This makes it nearly impossible for hackers, third parties, or internet service providers to intercept or exploit our data.
Understanding Protected Data:
A Guide for Colorado State Employees
A Guide for Colorado State Employees
As Colorado state employees, we’re entrusted with sensitive data that citizens rely on us to protect. During Data Privacy Week, let’s take a moment to understand the different types of protected data we handle at a high level and the regulations that guide us in safeguarding it.
By staying informed, we will uphold the required legal compliance and our community's trust.
Types of Protected Data and Their Regulations
1. Personally Identifiable Information (PII)
What It Means: PII includes any information that can identify an individual, such as names, Social Security numbers, addresses, phone numbers or driver’s license numbers.
2. Protected Health Information (PHI)
What It Means: PHI includes medical records, insurance details and any health-related data tied to an individual’s identity.
3. Student Information
What It Means: This includes academic records, enrollment details and any information about a student’s identity.
4. Financial Information
What It Means: This includes payment card data, bank account numbers or any information related to financial transactions.
5. Federal Tax Information (FTI)
What It Means: This refers to any tax return or return information received from the Internal Revenue Service (IRS) or obtained through an authorized source, such as Social Security Administration data used for tax administration purposes. It includes details such as taxpayer identification numbers, income amounts, filing statuses, tax payments and other data derived from or relating to tax returns.
Your Responsibilities as a State Employee:
Adhere to the Statement of Compliance.
Adhere to the State’s Technical Standards and Policies.
How We Protect Data Every Day
Think Before You Share: Verify requests for sensitive data and share only with authorized parties.
Secure Your Workstations: Lock your devices when away from your desk and avoid using unfamiliar or public Wi-Fi to access sensitive information without being on the GlobalProtect VPN.
Follow Encryption Practices: Use approved tools to encrypt emails and files containing protected data.
Report Suspected Breaches: Notify the Service Desk immediately if you suspect a data breach or accidental exposure.
Why It Matters
Data Privacy Week is a great reminder that protecting sensitive data isn’t just about legal compliance—it’s about serving and respecting the people of Colorado who trust us with their information. Let’s continue working together to safeguard the data we handle and uphold the privacy and security standards that make us trusted stewards of public resources.