UCI Information Security and Privacy Policies

keyboard and gavel

Laws and Regulations


FERPA: Federal Family Educational Rights and Privacy Act of 1974

HIPAA: The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules

Payment Card Industry (PCI): PCI SSC Data Security Standards Overview

Gramm-Leach-Blilely: UCOP Gramm-Leach-Bliley (GLB) Act Compliance (pdf)

Information Security Policies and Guidelines


The University of California is committed to high standards of excellence for protection of information assets and information technology resources that support the University enterprise.

University of California UC Irvine

Privacy Policies and Guildines


The University of California offers information privacy protections to students, faculty, and staff. Campus service providers must take a broad view of their privacy and confidentiality responsibilities, such as minimizing invasion into private lives. The University recognizes that principles of academic freedom and shared governance, freedom of speech, and privacy hold important implications for the use of electronic communications.

Administrators, programmers, etc. may not examine or disclose electronic communications records, or their content, without the holder's consent. Proper approval must be obtained to access electronic communication records without user consent. University policy requires that its employees take necessary precautions to protect the confidentiality of personal information encountered either in the performance of their duties or otherwise.

See: UCI Privacy Policies