How should UAP Document 301 handle documents containing sensitive information?

• A. Share with all staff to ensure transparency.
• B. Encrypt only when backing up externally.
• C. Restrict access only to system administrators.
• D. Sensitive information must be protected and access restricted to authorized roles; apply redaction or masking as appropriate.

Answer: (D)

Protecting sensitive information relies on limiting who can view it and minimizing what is exposed. The best approach is to ensure that sensitive information is protected and access is restricted to authorized roles, with redaction or masking applied as appropriate. This aligns with the idea of least privilege and need-to-know: people can do their work without seeing data they don’t need, reducing the risk of leaks or misuse while keeping workflows efficient. Implementing this involves clear role-based access controls, regular access reviews, and audit trails so you can verify who accessed what and when. Redaction is used when sharing documents externally or with colleagues who don’t need full details, while masking can be used in ongoing workspaces to hide highly sensitive fields without removing context. For example, HR data might be accessible only to HR personnel with a need to see salary details, whereas contractors might receive a redacted version of a report that excludes sensitive identifiers. Relying solely on encryption during backups misses the point of protecting data in active use and at rest on the system, and restricting access to system administrators excludes many other roles that legitimately need access. Sharing with all staff would greatly increase exposure, undermining confidentiality.