Protecting Personally Identifiable Information

University Policy:

Protecting Personally Identifiable Information with Identity Finder

Identity Finder is a UI supported tool used to identify Personally Identifiable Information (PII), in data files and e-mail messages. Identity Finder is capable of searching for financial information, SSNs, and other sensitive data. For a complete list of features included in Identity Finder, see

The UI license agreement makes this software available to University of Iowa and UIHC employees and for departments, to be used on UI owned machines for UI related business, including a single installation of the program for employee personal/home use. The software is not licensed for student or student employee use.  It is available for Graduate Assistants to use.

Where can I get the software?

The software can be downloaded from the ITS Help Desk Software Download web site at  You must login with your University Hawk ID and password to obtain the program.  We recommend using the customized version; however a non-customized version is also available.
Some units will be deploying the Identity Finder software to workstations automatically through the Windows SMS service. You will be notified by your unit if you don’t need to install the software on your work computer.  You will need to install it yourself on your personal/home computer, if there may be university information stored in files there.

Please note: You need Administrator rights in Windows to install the software. If you do not have Administrator rights, please seek the assistance of your departmental IT person. Identity Finder is currently only available for Windows computers.  Macintosh computer users can run the scan via Virtual Desktop (see  Instructions for installing and running the software using Virtual Desktop are available at the ITS Support Center link below.

Request an Identity Finder scan

Identity Finder scan requests are available for University of Iowa ITS managed systems.

Training for Identity Finder

Training Tutorials and Help for using the Identity Finder Software

ITS Support Center for Identity Finder:
(Instructions for downloading and installing, scanning, and working with the results)
ITS Help Desk:  Call 384-HELP or E-mail
Online tutorials are available at
(Includes all aspects of running the software, but is not customized for UI use)

Recommended Actions for Files that are identified with SSN’s

  1. Use the shred function in Identity Finder to securely delete the file (Consider the UI retention policy with respect to official documents - more information is available at
  2. Move the file to a removable media such as a CD, Tape, or DVD, and keep it in a secure (e.g., locked) location.  The quarantine function in Identity Finder can be used for this purpose.
  3. Open and then edit the file to remove or mask the SSN information, or replace the SSN information with another Identifier (such as University ID number, Employee ID number, or any sequential number) and then save the file.
  4. Employ a method to encrypt the file. (It is highly recommended you work with your IT support to ensure encryption is properly set up and encryption keys are securely backed up.) Encryption is not currently available for e-mail.  More information is available at

Recommended Actions for E-Mail

  1. Use the shred function in Identity Finder to securely delete the e-mail.
  2. Create a folder in removable media such as CD or DVD and move (drag and drop) the message/s into it. Keep the removable media in a secure (e.g., locked) location.
  3. Open the E-Mail message, select other options and then select the Edit Message option. Remove the SSN and then save the message.
  4. At present, Identity Finder will not work automatically with any e-mail client other than Microsoft Outlook.  (That is, it will perform only a textual search of mail files on the local computer.)  Please keep posted for future updates.

Other Considerations:
E-Mail that does not constitute an official university record should not be kept longer than its useful life.  Consider deleting business messages older than one year, or move them off-line for archival.
PDF image documents that need to be retained should be in a registered online location. There is no expectation that these be rescanned without SSNs, or deleted (until retention is expired).
Consult with your IT support group for options available to remediate large databases and custom department applications that contain SSN’s.