Protection of Personal Information

University Policy

The University seeks to safeguard and ensure the privacy of any personal data that it utilizes during the course of its operations. Universitywide policies that provide guidance to campuses and departments about the appropriate use of personal data include the following:

Legal Requirements on Privacy of and Access to Information, RMP-8
Electronic Information Security, IS-3
IS-3, section IV.D, provides Universitywide policy on notification of individuals in instances of security breaches through which unauthorized individuals are reasonably believed to have acquired personal information, and requires that the campuses and UCOP develop local implementation plans. The UCOP implementation plan provides detailed guidance to UCOP departments for complying with the notification requirements and for managing and protecting personal data:
GLB Compliance Plan
Policies Applying to the Disclosure of Information from Student Records
Policies and Implementation Guidelines for Complying with the Health Insurance Portability and Accountability Act (HIPAA) of 1996

Laws Protecting Personal Information

California Law about Notification in Instances of Security Breaches-effective July 1, 2003: California Civil Code Section 1798.29
California Law Restricting Display of Social Security Numbers: California Civil Code Section 1798.85
Federal Law to Protect Consumers' Personal Financial Information: Gramm-Leach-Bliley Act of 1999
- Federal Trade Commission (FTC) Financial Privacy and Safeguarding Rules Pertaining to the G-L-B Act
- FTC Information about Complying with the Safeguarding Rule
Health Insurance Portability and Accountability Act of 1996
Family Educational Rights and Privacy Act (FERPA)

What To Do If You're a Victim of Identity Theft

Information Technology Services

Protection of Personal Information

University Policy