Alan_Brown wrote:So this is actually an even stronger statement than requiring password protection -- it simply says that no confidential files should be stored on the hard drive at all.
I noticed that passage in the older verison of the policy, too. I think a reasonable interpretation of that provision is that such files should not be left sitting on the hard drive, just as confidential papers should not be left sitting on the clerk's desk. But it seems okay to have them there while working in private.
For example, I think our ward clerk sometimes does one MLS export to the hard drive, then copies the four csv files to the flash drives of the bishop, a counselor and himself. (The other counselor is a Blackberry man, so he's out of luck.) The policy problem would arise, I think, if the clerk fails to delete the files behind himself. Similarly, there could be other working files in spreadsheets or word-processing docs that would be confidential. They shouldn't be left on the hard drive either.
Maybe I'm wrong, and a strict textual interpretation requires the use of removable media even while working on confidential files temporarily. That would keep them out of reach of a file-restore utility. I don't know anyone who does that routinely. So if this is the intent, it needs to be underscored in training. And administrative computers should be provisioned with a file-shredder utility as a backstop.