Identity Finder - Project SIR

UNC has chosen Identity Finder as the tool we will use to scan and remediate sensitive data on our systems.

SIR Logo

A key component of this project is all University of North Carolina at Chapel Hill faculty and staff are going to perform a scan of their computer using Identity Finder.

You will be responsible for deciding what data needs to be deleted and what data needs to be retained.

What is Identity Finder Finding?

School of Medicine Identity Finder scans will look to identify files that contain the following:

  • MRNs
  • SSNs
  • Passport Numbers
  • Credit Card Numbers

For instance, initial scans of School of Medicine systems have already discovered: patient letters saved locally with name, MRN, and diagnosis information; clinical data including databases (spreadsheets) of clinic patients, appointments, and health information; reimbursement forms with internal and external social security numbers; and a host of files with user's personal information including passwords to all of their accounts, credit card numbers, and tax return information including their SSN.

Easy Guide to Remediation

Identity Finder has been successfully installed on your Windows computer. We have verified the proper registry keys are set for reporting and are ready to get underway with scanning and remediation of your local hard drive(s).

Please recall the goal of Project SIR: removal of University-owned sensitive information from your local hard drives. All University data should be stored on professionally managed network storage. (We understand there are exceptions to this, but for the most part, data is better protected on server space than on a local device.)

In an attempt to minimize the impact on University business processes, we created this Easy Guide to Remediation. 

Prior to Scanning 

  1. Clear you Internet Browser’s History. (This step will significantly decrease the number of files you need to remediate.) See the link below for instructions:
  2. Identify your department’s secure network storage. Your local IT Support should be able to help you. Otherwise, contact OIS at At this point, any data you move off of your system will improve scan and remediation time. The same goes for data you delete prior to scanning.

Run the Scan (Friday Afternoon)

  1. The scan itself can take a long time. We suggest you start the scan on a Friday and let it run through the weekend.
    1. Open Identity Finder.
    2. Click File.
    3. Click Start Search.

Pre-Remediation (Monday Morning)

  1. Save your Scan Results. (If you do not save the results, you may need to re-run the scan.)
    1. Click File.
    2. Click Save As.
    3. Name your scan.
    4. You will be prompted to save it with a strong password. Do that.
    5. Click 'Advanced' to begin Remediation.

     2. Watch this short (less than 2 minutes) video before you begin. It will help orient you to the Identity Finder interface.



The scan shows all files Identity Finder believe contains sensitive information. You may have a number of false positives. This is expected. Follow the steps below for all identified files:

  1. If you need to keep the file:
    1. Within Identity Finder, note the location of the file.
    2. Open Windows Explorer.
    3. Locate the file and move it to your department’s secure network storage.
    4. Continue your Remediation
  2. If you no longer need the file, SHRED it via Identity Finder.
  3. For the files that remain, IGNORE them via Identity Finder.


 Easy Remediation


Thank you for your time and effort with this project. You can now rerun the scan to insure remediation.


For More Information about Project SIR:

 For technical assistance regarding Identity Finder, please contact your local IT support or OIS using the Help Desk Click To Chat button below.