Use the best-practice procedures in this policy, including classification, encryption, access control and secure storage measures, to secure your organization’s data.

Sensitive data handling procedures outlined in this document include: 

• Attach a classification to all documents stored or processed in the company’s electronic systems
• Ensure that the classification applies to all forms of the information asset in a consistent and auditable manner
• Ensure that all data classified above the company’s internal use that is transmitted by spoken word, including mobile phone, voicemail and answering machine, considers its level of data classification and due diligence to label the data as such