University Policies, Procedures, and Principles
UCI Information Access and Disclosure:
- 714-15 Policy on Access to University Administrative Information Systems
- 714-16 Procedures for Accessing University Administrative Information Systems
- 714-17 Using University Administrative Information Systems
- 714-18 Computer and Network Use Policy
- 720-10 Information from Public Records (California Public Records Act) - Guidelines
- 720-11 Privacy of and Access to Information (Excluding Student Records) - Guidelines
- 720-12 Student and Student Applicant Records - Guidelines
UC Information Access and Disclosure:
- BFB-IS-2 Inventory, Classification, and Release of University Electronic Information
- BFB-IS-11 Identity and Access Management
- BFB-RMP-7 Privacy of and Access to Information Responsibilities
Laws Protecting Personal Information
State of California
- California Breach Notification Law (Civil Code §1798.29)
- California Law Restricting Display of Social Security Numbers (Civil Code §1798.85)
- California State Constitution (Article 1, section1) - declares right to privacy.
- California Information Practices Act of 1977 (Civil Code §1798 et seq.) places limits on collection, use, and maintenance and dissemination of personally identifiable information.
- Federal Law to Protect Consumers' Personal Financial Information: Gramm-Leach-Bliley Act of 1999
- Health Insurance Portability and Accountability Act of 1996 (HIPAA)
- Family Educational Rights and Privacy Act (FERPA)
- The Privacy Act of 1974, 5 U.S.C. § 552a - regulates the collection, maintenance, use and dissemination of personally identifiable information by federal executive branch agencies.
Education and Training
*NEW* Procurement Software Purchase Training is available here: Compliance in a Data-Driven World: The NEW Software Purchasing Process
You can access information privacy and security online courses via the UC Learning Center. (UCINet ID and password required.) Login and type the following course names in the search box:
- Cyber Security Awareness Training
- HIPAA (This will bring up several trainings, including the Privacy and Security HIPAA Training and the Office of Research HIPAA Research Tutorial)
- California Public Records Act Training (which also includes training on the Information Practices Act of 1977)
For FERPA training, please contact FERPA Analyst Mark Fonseca at 949-824-9672 or firstname.lastname@example.org. Both individual and departmental training can be provided.
External Resources For Everyone
See Protect Your Own Data page.
Sample Federal Privacy Notice (pdf)