Security Breach Notification

University Policy

Universitywide policy provides for notification of individuals in instances of security breaches through which unauthorized individuals are reasonably believed to have acquired personal information, and requires that the campuses and UCOP develop local implementation plans. The policy is found in Business and Finance Bulletin IS-3, "Electronic Information Security," in section IV.E.

• Campus and UCOP Implementation Plans for Security Breach Notification
• Determining Notification in the Event of a Security Breach
• Sample Text for Notification Letters
• California Law about Notification in Instances of Security Breaches, effective July 1, 2003: California Civil Code Section 1798.29
• GAO Report on Data Breaches and Identity Theft (2007)
• IT Security at UC

What To Do If You're a Victim of Identity Theft

• Office of Privacy Protection
• California Department of Motor Vehicles
• Department of Education