Faculty and Staff

Preventing Identity Theft and Securing Personal Information

Last updated August 14, 2009 1:44:29 PM PDT
Give more feedback

New state legislation impacts how the campus uses and protects personal information.

According to the law, UCSD needs to notify individuals if their computerized personal information is (or may have been) disclosed or acquired by an unauthorized person. Should the campus fail to comply, UCSD may be charged substantial penalties for mishandling personal information.

Personal information

Personal information is an individual's first name or first initial and last name, combined with one or more of the following data elements, when either the name or the data elements are not encrypted:

  • Social Security number
  • Driver's license number or California Identification Card number
  • Credit or debit card number, combined with any required security code, access code, or password that would permit access to an individual's financial account

Complying with the law

The Administrative Computing and Telecommunications Policy Committee (ACTPC) Security Subcommittee is helping establish campus procedures for notification by:

  • Creating a repository to register your inventory of such personal information
  • Requesting verification of access to the personal information

Campus responsibilities

All UCSD departments and employees need to comply with the new law. The ACTPC Security Subcommittee is relying on MSOs, System Administrators, and DSAs to provide accurate and complete information. DSAs and MSOs should work with their groups to:

  • Review the access granted to users of all systems, other than ACT Business Systems, that contain the data elements listed above.
  • Restrict access to private information unless a user has a true business need.
  • Register data collections that contain private information online. MSOs, System Administrators, and DSAs should work with their business offices to identify local personal information storage.
  • Encourage reporting of suspected security violations.

For more information, contact Gabe Lawrence, (858) 822-3785.

This page has a friendly link that’s easy to remember: http://blink.ucsd.edu/go/identitytheft

Technology

Personal Information

Departments

ACMS

ACT

See Also

Electronic Information Security (PDF)

Civil Code Changes Relating to Personal Information (PDF)

Responsibilities for Securing Private Information

Financial Privacy: The Gramm-Leach Bliley Act