2019 Annual Data Inventory

Each of us has a critical role in protecting the security and privacy of information. As a general rule, unless law, policy, business or research needs require storage of restricted data (now referred to as “protection level 4” or P4 data), they should be eliminated. If P4 data must be stored, we must ensure they are also properly secured.

Know What You Have

The first step in safeguarding data is to know what you have. Use the definitions on the security website to identify P4 data under your control.https://security.uci.edu/security-plan/plan-classification-protection.html

Review Devices

We ask that you review electronic devices under your control (including tablets, phones, and removable media) and remove or secure any files or records that contain restricted information. These data elements should not be stored in consumer cloud services: https://security.uci.edu/cloud.html

Inform Your Information Security Coordinator

If you need to collect, use, and store P4 data, electronically or on paper, please inform your Information Security Coordinator no later than Friday, March 8th. Your coordinator maintains an inventory of data resources to facilitate risk assessment and compliance with law and policy. With assistance from the OIT IT Security group, your Coordinator can help you determine the best way to protect your data.

Protect Your Data

You may find additional information on securing computers and data on UCI’s Information Security web site (https://security.uci.edu/) including the Information Security Coordinator for your area (https://security.uci.edu/isc.html).

Questions can be addressed to OIT Security at security@uci.edu.

Thank you,

Josh Drummond
Chief Information Security Officer
Office of Information Technology

Thea L. Bullock
Director, Public Records Office
Interim Campus Privacy Official

Scroll Up