Best Practices for Document Management

Effective document management is essential for maintaining organization, ensuring security, and enhancing productivity across the university. It is a shared responsibility that requires the careful handling of personal data, secure storage, controlled access, and proper disposal—all in compliance with the University of California’s record retention and security policies. To uphold these best practices, we recommend digitizing documents to maximize office space and implementing consistent naming conventions to improve searchability and streamline sharing.

By implementing the following key strategies below, departments can safeguard sensitive information while optimizing efficiency.

 

Privacy Protection

To safeguard sensitive and confidential information, follow these security measures:

• Use encryption and access controls to protect sensitive data
• Keep confidential documents concealed in public areas to prevent unauthorized access
• Never leave confidential documents unattended
• Lock or log off electronic devices when accessing confidential documents or systems before leaving them unattended

 

Data Storage

Proper storage of digital and physical documents reduces security risks and improves accessibility:

• Never store sensitive UCI data on personal or non-UCI devices
• Avoid creating duplicate copies by utilizing a centralized document management system with access controls, such as UCI OIT’s FileNet
• Protect physical document storage locations with locks, surveillance, and access restrictions

 

Record Retention and Security Policies

Adhering to record retention and security policies ensures compliance and data integrity:

• Follow established guidelines for secure document retrieval and disposal
• Stay informed on UC retention and security policies, including:
  • UC Records Retention Schedule
  • UCI Information Security and Privacy Policies, Laws, and Regulations
  • UC Electronic Information Security