Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
41 Results
Guideline
UCSF Implementation of the ECP - Access Without Consent
Access Without Consent to Electronic Communications Records A. Authorization An electronic communication holder's records may be inspected, monitored, or disclosed without the consent of the individual but with the approval of the authorizing Vice Chancellor (see Appendix A, Definitions) under the following conditions:
Guideline
IT Field Services - Service Level Agreement
Impacted Services: IT Field Services (ITFS) Desktop Support
Guideline
Recommendations for Securing Mobile Devices
What you need to know The following recommendations apply to all mobile devices, including both personally and UCSF-owned mobile devices, used for UCSF business. Mobile devices include, but are not limited to:
Impacted Services: IT Security Outreach and Training
Guideline
Criteria for Premium Support
What you need to know Premium Desktop Support is available for computers and devices that meet the following criteria:
Impacted Services: IT Field Services (ITFS) Desktop Support
Standard
UCSF 650-16 Addendum E - PCI
Purpose UCSF 650-16 Addendum E - PCI outlines the requirements for information, locations, facilities, and devices processing, storing, or transmitting credit card information. Objective To comply with data security requirements defined by Payment Card Industry Data Security Standards 3.1/3.2 (PCI-DSS)
Impacted Services: IT Security Outreach and Training
Standard
UCSF Policy 650-16 Addendum F, UCSF Data Classification Standard
UCSF_Data_Classification_Standard_08-09-19 (PDF) Document Owner: Patrick PhelanDepartment Contact: UCSF IT SecurityIssue Date: 4/24/17Effective Date: 4/24/17Reviewed/Revised Date: 8/9/19
Impacted Services: IT Security Outreach and Training
Guideline
UCSF IT Security Cloud Computing Guidance - Cloud Service Basics
Overview | What is the "cloud"? The "cloud" is a continually evolving concept that broadly references cloud services, or cloud computing. Cloud services can mean collections of any or all of the following: applications, information, infrastructure components and services provided as pools of resources. The ability for these broadly accessible services to be rapidly provisioned, deprovisioned, expanded and contracted based on demand creates a demand-driven service model, which can be seen as a "Pay for what you use" type of IT service.
Impacted Services: IT Security Outreach and Training
Standard
UCSF 650-16 Addendum G - Third-Party Remote Access Standards
Purpose To establish and set the requirements for a University of California San Francisco enterprise standard for third-party remote access to UCSF networks. Definitions See the University of California - Systemwide IT Policy Glossary for the most up-to-date definitions. Terms that are not in the Systemwide Glossary are defined below.
Standard
UCSF 650-16 Addendum B - UCSF Minimum Security Standards for Electronic Information Resources
Effective Date: December 2007, Updated December 2021 Contents Purpose Overview and Scope Exception from Minimum Security Standards Exception Requests Covering Legacy Systems Compatibility Exemptions Enforcement Minimum Security Standards System Inventory and Protection Level Classification (PLC) Transmission of Restricted Information
Impacted Services: IT Security Outreach and Training
Guideline
Access with Consent
The UC Electronic Communications Policy, Section IV, Privacy and Confidentiality, governs access to electronic communications records. In most circumstances, it is better to obtain the consent from the record holder before accessing records. However, consent is not required in every circumstance (See UCSF Implementation of the ECP - Access without Consent).
Impacted Services: IT Security Outreach and Training