Effective Date: December 2007, Updated December 2021 Contents Purpose Overview and Scope Exception from Minimum Security Standards Exception Requests Covering Legacy Systems Compatibility Exemptions Enforcement Minimum Security Standards System Inventory and Protection Level Classification (PLC) Transmission of Restricted Information

Standard has been moved to the UCSF IT Security Intranet Site.

What you need to know Customers must: 

Background Exempt positions Trainees Volunteers Employees of affiliated organizations Exempt title codes   Geographic service area Basic science research exemption

What you need to know Basic Desktop Support is available for computers and devices that meet the following criteria:

I. Introduction The use of wireless networking provides a more versatile way to access the Internet, broadening the scope of mobile computing. With the added benefits of a wireless network, there comes additional responsibility and additional risk. Authorized Users must be aware of the inherent security issues that exist in a wireless environment. Caution must be exercised to ensure a safe, secure, and reliable computing environment and reduce the risk of a security incident.

What you need to know The 18 Protected Health Information (PHI) Identifiers include:

Role Responsibilities Notes

What you need to know Digital Millennium Copyright Act (DMCA) UCSF complies with the provisions of the Digital Millennium Copyright Act (DMCA). If you have a concern regarding the use of copyrighted material on any site on the UCSF network, please contact the agent designated to respond to reports alleging copyright infringement. Designated agent The current designated agent for the UCSF campus to receive notification of claimed infringement under Title II of the DMCA is on file with the U.S. Copyright Office.

I. Purpose This document outlines the requirements for information security incident investigations at the University of California, San Francisco (UCSF). Effective incident response is essential in mitigating damage and loss due to an information security incident. Proper handling minimizes the disruption to workflow and ensures compliance to federal, state, and University laws, rules, regulations, and policies. This document satisfies the requirement in BFB IS-3 Information Security for Incident Response Procedures.

Effective Date: October 1, 2006 1. Purpose This document provides an overview of computer incident response and investigations procedures at the University of California, San Francisco (UCSF), as mandated in UCSF Policy 650-16 Addendum C: Incident Investigation.

Compliance with the peer-to-peer (P2P) provisions of the Higher Education Opportunity Act (HEOA)   I.    Introduction  II.    Technology-based deterrents             A. Traffic monitoring             B. DMCA notice response

Overview By following application and website security best practices, application owners can take proactive steps to eliminate or significantly reduce vulnerabilities in software before deployment. These vulnerabilities potentially provide attackers with the ability to take control of a server or computer, which can result in the compromise of UCSF data and personal data, denial of service, loss of service or damage to a system used by thousands of users. By reducing the numbers of vulnerabilities, UCSF data and personal data is better protected.

Stop the most common method of information theft Many information security breaches do not occur through the Internet but because the device containing information is misplaced, lost or stolen.

Access Without Consent to Electronic Communications Records A. Authorization An electronic communication holder's records may be inspected, monitored, or disclosed without the consent of the individual but with the approval of the authorizing Vice Chancellor (see Appendix A, Definitions) under the following conditions:

Overview As healthcare continues to undergo digital transformation, networking technologies serve an increasingly vital role: Enabling Electronic Healthcare.

Why have Web style guidelines? Each UCSF website provides an opportunity to make a strong positive impression on our audiences. In this, an attractive and consistently applied style for presenting graphics and other visuals plays an important role. We have put together a set of best practices guidelines for ensuring visual consistency across all UCSF-affiliated websites. These guidelines cover: Web banner and main navigation Logo lock-up placement and sizing Application of the graphic system  The proposed designs:

How to report a digital accessibility issue If you cannot access website or web application content or use a feature due to a disability, please report an accessibility issue. Web accessibility statement UCSF commits to an online environment accessible to everyone, including individuals with visual, auditory, motor or cognitive disabilities. Improving accessibility benefits us all by helping to: improve Search Engine Optimization (SEO),