President Yudof forms Steering Committee on Privacy and Information Security
University of California President Mark G. Yudof has convened a steering committee to perform a comprehensive review of existing university privacy and information security policies.
The goal is to develop a new policy framework to address privacy and information security in a modern legal, technology and social context; and to provide clear updated guidance to assist the University in meeting its obligations to safeguard information while at the same time abiding by deeply held principles of privacy.
Clear guidance on data protection and privacy
“The University is obligated by law, and as a steward of the public trust, to protect confidential information,” Yudof said. “At times, technical methods for protecting data … conflict with University principles, such as the affirmation that the University does not monitor electronic communications without the holder’s consent. Given this conflict and our obligations, the University must develop and issue clear guidance about data protection and legal compliance in the context of individual privacy and freedom of expression.”
The UC Privacy and Information Security Steering Committee met for the first time Oct. 25. It is chaired by UC Santa Barbara Executive Vice Chancellor Gene Lucas, with support from Sheryl Vacca, UC Office of the President senior vice president, chief compliance and audit officer, and David Ernst, UC Office of the President chief information officer and associate vice president, Information Resources and Communications.
Recommendations due in 2012
The group is charged with making recommendations by winter 2012 for:
- an overarching privacy framework that enables UC to meet statutory and regulatory obligations in a manner respectful of individual privacy;
- specific actions or phases needed to implement this framework as University policy;
- governance, implementation and accountability structures across the University with respect to privacy and information security; and
- a formal ongoing process through which the University can examine and where necessary, address through policy vehicles the technical and societal changes that have an impact on University policy and practice in the areas of privacy and information security.
Committee membership represents a range of functional areas from the campuses and UC Office of the President, including the Academic Senate, administration, audit and compliance, communications, information technology, legal counsel, libraries, the medical centers, research and student affairs, together with student and staff representatives and policy and privacy experts. A working group with campus and UCOP representation has been formed to provide analytical support to the committee.
See the full membership roster, additional background information and meeting agendas at http://www.universityofcalifornia.edu/privacyinitiative/. Materials developed during the course of the review will be posted to the site, and members of the university community are encouraged to participate in the discussion and submit ideas or questions to firstname.lastname@example.org.
Learn more and stay involved
For updates on this initiative, visit http://www.universityofcalifornia.edu/privacyinitiative/.