CINXE.COM

UCSF Policy 650-16 Addendum F - UCSF Data Classification Standard | UCSF IT

<!DOCTYPE html> <html lang="en" dir="ltr" prefix="og: https://ogp.me/ns#"> <head> <meta charset="utf-8" /> <meta name="description" content="UCSF_Data_Classification_Standard_08-09-19 (PDF)Document Owner: Patrick PhelanDepartment Contact: UCSF IT SecurityIssue Date: 4/24/17Effective Date: 4/24/17Reviewed/Revised Date: 8/9/19" /> <link rel="canonical" href="https://it.ucsf.edu/standard-guideline/ucsf-policy-650-16-addendum-f-ucsf-data-classification-standard" /> <meta name="google-site-verification" content="xEaB4dnmBmiRU7eUe_PAFXLsD1MjDF2dg4vZUgP1W0U" /> <meta name="Generator" content="Drupal 10 (https://www.drupal.org)" /> <meta name="MobileOptimized" content="width" /> <meta name="HandheldFriendly" content="true" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta itemprop="acquia_lift:content_title" content="UCSF Policy 650-16 Addendum F - UCSF Data Classification Standard" /> <meta itemprop="acquia_lift:content_type" content="policy" /> <meta itemprop="acquia_lift:page_type" content="node page" /> <meta itemprop="acquia_lift:context_language" content="en" /> <meta itemprop="acquia_lift:content_section" content="" /> <meta itemprop="acquia_lift:content_keywords" content="" /> <meta itemprop="acquia_lift:post_id" content="48310" /> <meta itemprop="acquia_lift:content_uuid" content="9ef86f04-d14b-4308-9644-a3cf9e4e4b71" /> <meta itemprop="acquia_lift:published_date" content="1581727541" /> <meta itemprop="acquia_lift:persona" content="" /> <meta itemprop="acquia_lift:engagement_score" content="1" /> <meta itemprop="acquia_lift:account_id" content="UCSF_IT" /> <meta itemprop="acquia_lift:site_id" content="prod-sherpa" /> <meta itemprop="acquia_lift:liftAssetsURL" content="https://lift3assets.lift.acquia.com/stable" /> <meta itemprop="acquia_lift:bootstrapMode" content="auto" /> <meta itemprop="acquia_lift:contentReplacementMode" content="trusted" /> <meta itemprop="acquia_lift:cdfVersion" content="1" /> <script src="https://lift3assets.lift.acquia.com/stable/lift.js" async></script> <link rel="icon" href="/themes/custom/its_default/favicon.ico" type="image/vnd.microsoft.icon" /> <title>UCSF Policy 650-16 Addendum F - UCSF Data Classification Standard | UCSF IT</title> <link rel="stylesheet" media="all" href="/sites/it.ucsf.edu/files/css/css_FBBRL_qmni-VFlN0kJYFaDjoTloDYxzHHT9AzmdfXak.css?delta=0&amp;language=en&amp;theme=its_default&amp;include=eJxVjutyAyEIhV-I6CPtsIqGDkpGMNvt09d2tp3kD7cDHwfNyDfuH5RcR0xmYZ8ia1b4kwyKdseDTBvFlzrYs4IRjnTfcLombY91RNHvtNTGnRtKWDhIOijmMR-rf10FO82pxR2NIAmanW91IzOsdAG6jgXkLwJ22zIVnOKxiu4oN_NTuNc36cfs7XILB-1lAeKVQ2YUrfBkOiz-xtA0T_l_3jUTFMG6Ydf-5-Ub1bZ1rw" /> <link rel="stylesheet" media="all" href="/sites/it.ucsf.edu/files/css/css_mrWG7NuQ1tD6GmDgsPzDrhMGBsjRLZg3ZQfxi38TDRE.css?delta=1&amp;language=en&amp;theme=its_default&amp;include=eJxVjutyAyEIhV-I6CPtsIqGDkpGMNvt09d2tp3kD7cDHwfNyDfuH5RcR0xmYZ8ia1b4kwyKdseDTBvFlzrYs4IRjnTfcLombY91RNHvtNTGnRtKWDhIOijmMR-rf10FO82pxR2NIAmanW91IzOsdAG6jgXkLwJ22zIVnOKxiu4oN_NTuNc36cfs7XILB-1lAeKVQ2YUrfBkOiz-xtA0T_l_3jUTFMG6Ydf-5-Ub1bZ1rw" /> <link rel="stylesheet" media="all" href="/sites/it.ucsf.edu/files/css/css_xKSbp5cPSWe-Io6Tw18ONmCTBf_DQL5aL8avjxAqkEA.css?delta=2&amp;language=en&amp;theme=its_default&amp;include=eJxVjutyAyEIhV-I6CPtsIqGDkpGMNvt09d2tp3kD7cDHwfNyDfuH5RcR0xmYZ8ia1b4kwyKdseDTBvFlzrYs4IRjnTfcLombY91RNHvtNTGnRtKWDhIOijmMR-rf10FO82pxR2NIAmanW91IzOsdAG6jgXkLwJ22zIVnOKxiu4oN_NTuNc36cfs7XILB-1lAeKVQ2YUrfBkOiz-xtA0T_l_3jUTFMG6Ydf-5-Ub1bZ1rw" /> <script src="https://kit.fontawesome.com/051d69e97e.js" defer crossorigin="anonymous"></script> </head> <body class="page-node-48310 path-node page-node-type-policy"> <a href="#main-content" class="visually-hidden focusable skip-link"> Skip to main content </a> <div class="dialog-off-canvas-main-canvas" data-off-canvas-main-canvas> <div class="layout-container app"> <header class="bg-coral" data-search-and-menu-visibility> <section class="topnavbar"> <div class="container"> <nav> <a href="http://www.ucsf.edu" target="_blank" class="">University of California San Francisco</a> <a href="https://giving.ucsf.edu" target="_blank" class="header-give hide-mobile">Give to UCSF</a> </nav> </div> </section> <div class="main-navigation"> <div class="container"> <div class="flex-grid"> <a href="/" aria-current="page" class="router-link-exact-active router-link-active"> <div class="site-title"> <h1>UCSF IT Technology</h1> </div> </a> <div class="navbar"> <nav role="navigation" aria-labelledby="block-mainnavigation-menu" id="block-mainnavigation" class="block block-menu navigation menu--main"> <h2 class="visually-hidden" id="block-mainnavigation-menu">Main navigation</h2> <ul class="menu menu-top-level"> <li class="menu-item menu-item--expanded dropdown-menu-parent"> <a href="/status" data-drupal-link-system-path="node/108351">Status</a> <svg aria-hidden="true" focusable="false" data-prefix="far" data-icon="chevron-down" role="presentation" xmlns="http://www.w3.org/2000/svg" viewbox="0 0 448 512" class="icon svg-inline--fa fa-chevron-down fa-w-14"> <path fill="currentColor" d="M441.9 167.3l-19.8-19.8c-4.7-4.7-12.3-4.7-17 0L224 328.2 42.9 147.5c-4.7-4.7-12.3-4.7-17 0L6.1 167.3c-4.7 4.7-4.7 12.3 0 17l209.4 209.4c4.7 4.7 12.3 4.7 17 0l209.4-209.4c4.7-4.7 4.7-12.3 0-17z" class=""></path> </svg> <ul class="dropdown-menu"> <li class="menu-item dropdown-menu-item"> <a href="/ucsf-security-update-announcements" data-drupal-link-system-path="node/117061">Security Announcements</a> </li> </ul> </li> <li class="menu-item menu-item--expanded dropdown-menu-parent"> <a href="/services" data-drupal-link-system-path="node/108356">Services</a> <svg aria-hidden="true" focusable="false" data-prefix="far" data-icon="chevron-down" role="presentation" xmlns="http://www.w3.org/2000/svg" viewbox="0 0 448 512" class="icon svg-inline--fa fa-chevron-down fa-w-14"> <path fill="currentColor" d="M441.9 167.3l-19.8-19.8c-4.7-4.7-12.3-4.7-17 0L224 328.2 42.9 147.5c-4.7-4.7-12.3-4.7-17 0L6.1 167.3c-4.7 4.7-4.7 12.3 0 17l209.4 209.4c4.7 4.7 12.3 4.7 17 0l209.4-209.4c4.7-4.7 4.7-12.3 0-17z" class=""></path> </svg> <ul class="dropdown-menu"> <li class="menu-item dropdown-menu-item"> <a href="https://one.ucsf.edu">Projects</a> </li> </ul> </li> <li class="menu-item"> <a href="/how-to" data-drupal-link-system-path="node/108361">How To</a> </li> <li class="menu-item"> <a href="/news-events" data-drupal-link-system-path="node/132106">News &amp; Events</a> </li> <li class="menu-item"> <a href="/about-us" title="About UCSF IT" data-drupal-link-system-path="node/108071">About Us</a> </li> <li> <a href="/saml_login?destination=/standard-guideline/ucsf-policy-650-16-addendum-f-ucsf-data-classification-standard" class="user"> <svg aria-hidden="true" focusable="false" data-prefix="far" data-icon="user-alt" role="presentation" xmlns="http://www.w3.org/2000/svg" viewbox="0 0 512 512" class="svg-inline--fa fa-user-alt fa-w-16"> <path fill="currentColor" d="M384 336c-40.6 0-47.6-1.5-72.2 6.8-17.5 5.9-36.3 9.2-55.8 9.2s-38.3-3.3-55.8-9.2c-24.6-8.3-31.5-6.8-72.2-6.8C57.3 336 0 393.3 0 464v16c0 17.7 14.3 32 32 32h448c17.7 0 32-14.3 32-32v-16c0-70.7-57.3-128-128-128zm80 128H48c0-21.4 8.3-41.5 23.4-56.6C86.5 392.3 106.6 384 128 384c41.1 0 41-1.1 56.8 4.2 23 7.8 47 11.8 71.2 11.8 24.2 0 48.2-4 71.2-11.8 15.8-5.4 15.7-4.2 56.8-4.2 44.1 0 80 35.9 80 80zM256 320c88.4 0 160-71.6 160-160S344.4 0 256 0 96 71.6 96 160s71.6 160 160 160zm0-272c61.8 0 112 50.2 112 112s-50.2 112-112 112-112-50.2-112-112S194.2 48 256 48z" class=""></path> </svg> Log In </a> </li> </ul> </nav> <div id="global-search-dropdown" class=""> <div class="search-icon"> <div> <span class="visually-hidden">Open</span> <span class="visually-hidden">Close</span> <span class="hide-mobile">Search</span> </div> </div> <div class="search--dropdown"> <form action="/search" accept-charset="utf-8" method="get" autocomplete="off" class="search"> <label for="header-search" class="search__label">Small screen search</label> <input type="text" name="search" value="" placeholder="Search services, how-to articles, other IT information" class="search__input"> <input type="submit" value="Search" class="search__submit"> </form> </div> </div> <div class="toggle-nav"> <span class="visually-hidden">Open menu</span> </div> </div> </div> </div> </div> <div class="give-mobile"> <a href="https://giving.ucsf.edu" class="give">Give to UCSF</a> </div> </header> <div class="region-breadcrumb"> <div id="block-breadcrumbs" class="block block-system block-system-breadcrumb-block"> <div class="content"> <nav role="navigation" aria-labelledby="system-breadcrumb"> <h2 id="system-breadcrumb" class="visually-hidden">Breadcrumb</h2> <ol class="breadcrumb"> <li class="breadcrumb-item"><a href="/">Home</a></li> <li class="breadcrumb-item"><a href="/standard-guideline">Standards &amp; Guidelines</a></li> <li class="breadcrumb-item">UCSF Policy 650-16 Addendum F - UCSF Data Classification Standard</li> </ol> </nav> </div> </div> </div> <main role="main"> <a id="main-content" tabindex="-1"></a> <div class="layout-content content"> <div class="region-content"> <div id="block-its-default-content" class="block block-system block-system-main-block"> <article data-history-node-id="48310" class="node node--type-policy node--view-mode-full"> <div class="node__content"> <div class="container sidebar-visible"> <main class="page-content"> <div class="privacy-warning"> <div class="iconography"><svg aria-hidden="true" focusable="false" data-prefix="fal" data-icon="eye" role="presentation" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512" class="svg-inline--fa fa-eye fa-w-18"><path fill="currentColor" d="M288 288a64 64 0 0 0 0-128c-1 0-1.88.24-2.85.29a47.5 47.5 0 0 1-60.86 60.86c0 1-.29 1.88-.29 2.85a64 64 0 0 0 64 64zm284.52-46.6C518.29 135.59 410.93 64 288 64S57.68 135.64 3.48 241.41a32.35 32.35 0 0 0 0 29.19C57.71 376.41 165.07 448 288 448s230.32-71.64 284.52-177.41a32.35 32.35 0 0 0 0-29.19zM288 96a128 128 0 1 1-128 128A128.14 128.14 0 0 1 288 96zm0 320c-107.36 0-205.46-61.31-256-160a294.78 294.78 0 0 1 129.78-129.33C140.91 153.69 128 187.17 128 224a160 160 0 0 0 320 0c0-36.83-12.91-70.31-33.78-97.33A294.78 294.78 0 0 1 544 256c-50.53 98.69-148.64 160-256 160z" class=""></path></svg></div> <p class="viewable-by">This content is viewable by <span class="">Everyone</span></p> </div> <p class="page-label"><span class="rectangle"></span><span class="label-text">Standard</span></p> <div class="row page-title"> <h1>UCSF Policy 650-16 Addendum F - UCSF Data Classification Standard</h1> </div> <div class="block block-layout-builder block-extra-field-blocknodepolicyflag-save"> <p class="flag flag-anon-message flag-save js-flag-save-48310 action-flag"> <span class="label" data-selector=".flag-anon-save-48310"><span class="far fa-bookmark"></span> Save</span> <p title="Want to save this page for later?" class="flag-anon-message flag-anon-save-48310" style="display:none"><a href="/saml_login?flag_anon=save-48310&amp;destination=/standard-guideline/ucsf-policy-650-16-addendum-f-ucsf-data-classification-standard">Log in via MyAccess to save</a>.</p> </p> </div> <div class="row"> <ul class="list-group"> <li class="list-group-item"> </li> </ul> </div> <div class="row"> <ul class="list-group"> <li class="list-group-item"> <p class="field field--name-field-impacted-services field--type-entity-reference field--label-above"> <strong class="field__label">Impacted Services</strong> <span><a href="/service/it-security-outreach-and-training" hreflang="en">IT Security Outreach and Training</a> </span> </p> </li> </ul> </div> <div class="wysiwyg-content row"> <div class="field-body"><p><a href="https://it.ucsf.edu/sites/default/files/2020-08/UCSF%20Data%20Classification%20Standard%2008-09-19.pdf" type="application/pdf; length=282192">UCSF_Data_Classification_Standard_08-09-19</a>&nbsp;(PDF)</p><p><br><strong>Document Owner:</strong> Patrick Phelan<br><strong>Department Contact:</strong> UCSF IT Security<br><strong>Issue Date:</strong> 4/24/17<br><strong>Effective Date:</strong> 4/24/17<br><strong>Reviewed/Revised Date:</strong>&nbsp;8/9/19</p><h2>Purpose</h2><p>The purpose of this Data Classification Standard is to direct the method for classifying UCSF’s electronic data. This document demonstrates UCSF’s determination of the Protection Levels of each classification of UCSF data in compliance with <a href="https://policy.ucop.edu/doc/7000543/BFB-IS-3">University of California Policy BFB-IS-3: Electronic Information Security</a>.</p><h2>Overview and Scope</h2><p>This standard applies to all electronic data managed and owned by UCSF, wherever it may be stored. Data storage locations may include, but are not limited to, data centers, data accessed by or stored remotely on electronic devices, and UCSF data that is stored with contracted third parties including Business Associates, cloud service providers, vendors, contractors, and temporary staff.</p><p>This data classification methodology in no way supersedes any state or federal government classifications assigned contractually or otherwise.</p><p>UCSF electronic data shall be classified according to the <a href="#Model">,</a> described in this standard. The Data Classification Model will be used to determine the appropriate data classification for UCSF electronic data created, maintained, processed, or transmitted utilizing electronic resources. Under this model data will be classified in accordance with external regulatory, internal regulatory, and other contractual requirements, and in accordance with the potential adverse impact of loss, theft, or unavailability of the data.</p><p>In the event a specific set of electronic data is classified as fitting within a combination of two or more of the data classifications, that data shall be managed according to the most restrictive and/or highest applicable data classification.</p><p>In the event a specific set of electronic data does not fit into the current Data Classification Model, please contact UCSF IT Security for the determination of the appropriate data classification. UCSF’s Data Classification Standard serves as a location-specific interpretation of UC system-wide policy and, therefore, supersedes many of the requirements of the <a href="https://security.ucop.edu/files/documents/policies/institutional-information-and-it-resource-classification-standard.pdf">UC Institutional Information and IT Resource Classification Standard</a>, although the system-wide standard may be referenced for guidance on the classification of data types not documented within this location-specific model.</p><p>UCSF IT Governance shall review the Data Classification Standard at least annually and update as needed to include additional data types and reflect any changes to protection level classification or policy and legal requirements.</p><h2>Business Impact</h2><p>Considerations for evaluating the potential adverse business impact to UCSF due to loss or compromise of the electronic data’s confidentiality or integrity include:<br>• Loss of critical UCSF operations<br>• Negative financial impact (actual money lost, lost opportunities, value of the data itself)<br>• Damage to UCSF’s reputation<br>• Potential for regulatory or legal action<br>• Violation of UCSF’s missions, policies, or principles<br>• Requirement for corrective action or repairs</p><h2>Data Classification Model</h2><table border="1"><tbody><tr><td>&nbsp;</td><td style="width:284px;"><p><strong>Restricted Data</strong></p></td><td style="width:313px;"><p><strong>Sensitive Data</strong></p></td><td style="width:311px;"><p><strong>Internal Data</strong></p></td><td style="width:196px;"><p><strong>Public Data</strong></p></td></tr><tr><td><p><strong>UCOP Protection Level</strong></p></td><td style="width:284px;"><p>P4 - High</p></td><td style="width:313px;"><p>P3 - Moderate</p></td><td style="width:311px;"><p>P2 - Low</p></td><td style="width:196px;"><p>P1 - Minimal</p></td></tr><tr><td><p><strong>Policy &amp; Legal Requirements</strong></p></td><td style="width:284px;"><p>Protection of data is required by federal or state law or regulation, or contractual obligation, and may be subject to data breach notification requirements. <a href="https://it.ucsf.edu/policies/ucsf-minimum-security-standards-electronic-information-resources">UCSF Minimum Security Standards</a> apply.</p></td><td style="width:313px;"><p>Protection of data is required by the data owner or other confidentiality agreement, and may be required by federal or state law or regulation or by policy. <a href="https://it.ucsf.edu/policies/ucsf-minimum-security-standards-electronic-information-resources">UCSF Minimum Security Standards</a> apply.</p></td><td style="width:311px;"><p>Data may not be specifically protected by federal or state law or contractual obligation but are generally not intended for public use or access. Protection of data is governed by University policy. <a href="https://it.ucsf.edu/policies/ucsf-minimum-security-standards-electronic-information-resources">UCSF Minimum Security Standards</a> apply.</p></td><td style="width:196px;"><p>Protection of data is governed by University policy. <a href="https://it.ucsf.edu/policies/ucsf-minimum-security-standards-electronic-information-resources">UCSF Minimum Security Standards</a> apply.</p></td></tr><tr><td><p><strong>Access</strong></p></td><td style="width:284px;"><p>Only authorized individuals with approved access; signed confidentiality, non-disclosure, and/or other applicable agreement as permitted by law; and a business need to know</p></td><td style="width:313px;"><p>Only authorized individuals with approved access and a business need to know</p></td><td style="width:311px;"><p>Intended audience for data access under the design of the system</p></td><td style="width:196px;"><p>Data intended to be readily obtainable by the public.</p></td></tr><tr><td><p><strong>Adverse Business Impact</strong><br><strong>Statement</strong></p></td><td style="width:284px;"><p>High Adverse Impact to:</p><p>- Regulatory or legal action</p><p>- Violations of UCOP or UCSF policies and principles</p><p>- UCSF’s reputation</p><p>- UCSF’s finances</p><p>- UCSF critical operations</p></td><td style="width:313px;"><p>Moderate Adverse Impact to:</p><p>- Regulatory or legal action</p><p>- Violations of UCOP or UCSF policies and principles</p><p>- UCSF’s reputation</p><p>- UCSF’s finances</p><p>- UCSF critical operations</p></td><td style="width:311px;"><p>Low Adverse Impact</p></td><td style="width:196px;"><p>Minimal Adverse Impact</p></td></tr><tr><td><p><strong>Data Types</strong></p></td><td style="width:284px;"><p>-&nbsp;<a href="#PII">Personally Identifiable Information (PII)</a></p><p>-&nbsp;<a href="#phi">Protected Health Information (PHI)</a></p><p>-<a href="#RHI">Research Health Information (RHI)</a></p><p>-&nbsp;<a href="#pci">Payment Card Industry (PCI) Data</a></p><p>-&nbsp;<a href="#CSI">Confidential Security Information</a></p><p>-&nbsp;<a href="#LIPPDI">Licensed Proprietary IP and Product Development Information</a></p></td><td style="width:313px;"><p>-&nbsp;<a href="#IP">University Intellectual Property</a></p><p>-&nbsp;<a href="#De-ID Data">De-identified Health Information</a></p><p>-&nbsp;<a href="#EMP">Employee Information</a></p><p>-&nbsp;<a href="#SFA">Sensitive Faculty Activities</a></p><p>-&nbsp;<a href="#ferpa">Learner Information</a></p><p>-&nbsp;<a href="#DONOR">Donor Information</a></p><p>-&nbsp;<a href="#LIT">Current Litigation/Investigation Materials</a></p><p>-&nbsp;<a href="#CONTR">Contracts</a></p><p>-&nbsp;<a href="#BUILD">Physical Building Designs</a></p><p>-&nbsp;<a href="#FIN">Financial Information</a></p></td><td style="width:311px;"><p>-&nbsp;<a href="#PUBDIR">Public Directory Information</a></p><p>- Routine Business Records and Email</p><p>- Research Using Publicly Available Data</p></td><td style="width:196px;"><p>- Public-facing Websites</p><p>- Published Research</p><p>- Maps</p><p>- Press Releases</p><p>- Course Catalogs</p><p>- Parking Regulations</p></td></tr></tbody></table><h2>Restricted Data Types</h2><p><a class="ck-anchor" id="PII"></a><strong>Personally Identifiable Information (PII)</strong></p><ul><li>PII is protected by federal and state laws and regulations, including federal regulations administered by the U.S. Department of Homeland Security (DHS), and is defined by DHS as “any information that permits the identity of an individual to be directly or indirectly inferred, which if lost, compromised, or disclosed without authorization could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual.” PII must be protected prior to release in accordance with the Public Records Act or other disclosures required by law.</li><li>PII includes but is not limited to the following:</li></ul><p class="webedit-indent-1">2. Any of the following stand-alone elements:</p><ul><li>Full Social Security Number (SSN)</li><li>Driver's license or State ID number</li><li>Passport number</li><li>Visa number</li><li>Alien Registration Number</li><li>Fingerprints or other biometric identifiers</li></ul><p class="webedit-indent-1">3. Full name in combination with any of the following elements:</p><ul><li>Mother's maiden name</li><li>Date of birth</li><li>Last 4 digits of SSN</li><li>Citizenship or immigration status</li><li>Ethnic or religious affiliation</li></ul><p><a class="ck-anchor" id="phi"><strong>&nbsp;Protected Health Information (PHI)</strong></a></p><p>PHI is protected by the federal Health Insurance Portability and Accountability Act (HIPAA) and includes all individually identifiable health information, held or transmitted by a Covered Entity or its business associate, that relates to the health or health care of an individual, and specifically includes but is not limited to the following:</p><p>Information about an individual’s past, present, or future physical or mental health condition, or provision of and/or payment for healthcare to the individual, which includes at least one of the following identifiers:</p><ul><li>Names</li><li>All geographic subdivisions smaller than a state, except for the initial three digits of the zip code if the geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people</li><li>All elements of dates, except year, and all ages over 89 or elements indicative of such age</li><li>Telephone numbers</li><li>Fax numbers</li><li>Email addresses</li><li>Social Security numbers</li><li>Medical record numbers</li><li>Health plan beneficiary numbers</li><li>Account numbers</li><li>Certificate or license numbers</li><li>Vehicle identifiers and serial numbers, including license plate numbers</li><li>Device identifiers and serial numbers</li><li>Web Universal Resource Locators (URLs)</li><li>Internet Protocol (IP) addresses</li><li>Biometric identifiers, including finger and voice prints</li><li>Full face photographs and any comparable images</li><li>Any other unique, identifying number, characteristic, or code, except as permitted for re- identification in the Privacy Rule.&nbsp; This includes APeX-generated identifiers such as Encounter ID and PatID.</li></ul><p><a class="ck-anchor" id="RHI"><strong>Research Health Information</strong></a></p><p>Research health information is individually identifiable health information collected outside of the covered entity setting (i.e., the researcher is acting solely as a researcher with no clinical interaction, and the data is collected outside of UCSF’s HIPAA covered entity providers).&nbsp;&nbsp;Examples of research health information include: data obtained from subjects during interviews or surveys, and the investigators do not review or alter the subjects' health records or make treatment decisions as part of the research; data obtained from records open to the public or existing research records; and data obtained using tests that do not go into the medical record because they are part of a basic research study and the results will not be disclosed to the subject.</p><p><a class="ck-anchor" id="pci"><strong>Payment Card Industry Data (PCI) Data</strong></a></p><p>PCI Data is data subject to the Payment Card Industry Data Security Standard/s (PCI-DSS), developed by the PCI Security Standards Council and adhered to by the University, and includes but is not limited to the following:</p><ol><li>Cardholder Data:<ul><li>Primary Account Number (PAN)</li><li>Cardholder name</li><li>Service code</li><li>Expiration date</li></ul></li><li>Sensitive Authentication Data:<ul><li>Full magnetic stripe data</li><li>CAV2/CVC2/CVV2/CID</li><li>PIN/PIN Block</li></ul></li></ol><p><a class="ck-anchor" id="CSI"><strong>Confidential Security Information</strong></a></p><p>Information descriptive of the specific security measures that safeguard restricted (confidential or personal) information resources represents a special class of information that should be protected from unauthorized access or disclosure. Such information – whether hardware configurations, management controls or security practices, or procedures employed – could provide a roadmap for malicious individuals to attack University applications, systems, and networks. Confidential security information includes but is not limited to the following:</p><ul><li>Documentation of known or potential vulnerabilities and risks</li><li>Results of security scans and assessments</li><li>Implementation/configuration details for security devices and tools (e.g., specific software version numbers, network diagrams, vendor definition updates, and software modules)</li><li>Implementation/configuration details for systems that provide security services for restricted data types. Security services include services which ensure confidentiality, integrity, and availability for other systems (e.g., authentication systems, VPN’s, systems management consoles, backup systems, credential stores, data loss prevention systems, system inventories, and encryption)</li><li>Firewall and intrusion detection system logs</li><li>Private credentials used to authenticate users, processes, and systems</li><li>Security incident documentation including (e.g., indicators of compromise, remediation plans, remediation efforts, data identification analysis, documentation of malicious presence in the environment, and forensic analysis)</li><li>Permission attributes identifying the resources to which an individual has access</li></ul><p><a class="ck-anchor" id="LIPPDI"><strong>Licensed Intellectual Property and Product Development Information</strong></a></p><p>Licensed intellectual property and product development information is third party confidential information licensed to outside industries to the extent of identifying the products or services the third party (typically pharma and biotech industries) is developing with UCSF, and the third party’s commercialization plans for those products and services. Licensed intellectual property and product development information includes but is not limited to the following:</p><ul><li>Medical indication for which the third party is developing the product</li><li>Information identifying the chemical structure of a lead therapeutic candidate in development</li><li>Financial terms of the license</li><li>Proprietary company information relating to existing products in the industry partner’s pipeline</li><li>Information relating to the product development timeline</li></ul><h2>Sensitive Data Types</h2><p><a class="ck-anchor" id="IP"><strong>University Intellectual Property</strong></a></p><p>University intellectual property relates to creations of the mind and includes electronic data which the University may patent or gain from financially through intellectual property commercialization partnerships and commercial entities. University intellectual property includes patents, copyrights, trademarks, and trade secrets, but does not include copyrighted materials which are publicly available.</p><p><a class="ck-anchor" id="De-ID Data"></a><strong>De-identified Health Information</strong></p><ol><li>Health information that does not identify an individual, and for which there is no reasonable basis to believe that the information can be used to identify an individual, is not individually identifiable health information (PHI) and is considered de-identified. The Health Insurance Portability and Accountability Act (HIPAA) allows for two methods of de-identification: <a href="https://www.hhs.gov/hipaa/for-professionals/privacy/special-topics/de-identification/index.html#standard">Expert Determination and Safe Harbor</a>.</li><li>Expert Determination requires that a person with appropriate knowledge of and experience with generally accepted statistical and scientific principles and methods applies those principles and methods and determines that the risk is very small that the information could be used to identify an individual who is the subject of the information. Methods and results of the analysis must be documented.</li><li>For Safe Harbor, all of the following 18 identifiers must be removed:<ul><li>Names</li><li>All geographic subdivisions smaller than a state, except for the initial three digits of the zip code if the geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people</li><li>All elements of dates, except year, and all ages over 89 or elements indicative of such age</li><li>Telephone numbers</li><li>Fax numbers</li><li>Email addresses</li><li>Social Security numbers</li><li>Medical record numbers</li><li>Health plan beneficiary numbers</li><li>Account numbers</li><li>Certificate or license numbers</li><li>Vehicle identifiers and serial numbers, including license plate numbers</li><li>Device identifiers and serial numbers</li><li>Web Universal Resource Locators (URLs)</li><li>Internet Protocol (IP) addresses</li><li>Biometric identifiers, including finger and voice prints</li><li>Full face photographs and any comparable images</li><li>Any other unique, identifying number, characteristic, or code, except as permitted for re-identification in the Privacy Rule. This includes APeX-generated identifiers such as Encounter ID and PatID.</li></ul></li><li>Options for obtaining validated de-identified data sets include: requesting de-identified data as part of the <a href="https://ucsf.service-now.com/ess/bis_intelligence.do">UCSF Enterprise Data Request Process</a>; utilizing data from <a href="https://data.ucsf.edu/research/deid-data">UCSF de-identified data applications</a>; or requesting validation of your own de-identified data set through <a href="https://data.ucsf.edu/cdrp/de-identification">validation services</a> provided by UCSF Enterprise Information and Analytics.</li><li>Both Safe Harbor and Expert Determination methods, even when properly applied, yield de-identified data that retains some risk of identification. Although the risk may be very small, it is not zero, and the possibility remains that de-identified data could be linked back to the identity of the patient to which it corresponds.</li></ol><p><a class="ck-anchor" id="EMP"><strong>Employee Information</strong></a></p><p>Employee information is managed by Human Resources or Academic Personnel, protected by state or federal laws and regulations, including regulations of the United States Department of Labor, and is data directly associated with an employee or applicant for employment, which must be protected prior to release in accordance with applicable policy and law. Employee information includes but is not limited to the following:</p><ul><li>Contents of Employment applications, other than Personally Identifiable Information (PII)</li><li>Personnel files</li><li>Performance evaluations</li><li>Benefits information</li></ul><p><a class="ck-anchor" id="SFA"><strong>Sensitive Faculty Activities</strong></a></p><p>Sensitive faculty activities include information about the teaching, research, and service activities of UCSF faculty. Sensitive faculty activities include but are not limited to the following:</p><ul><li>Academic research or teaching activities involving use of live animal research subjects, or other controversial matters</li><li>Academic research or teaching activities involving control of hazardous materials, or technology which presents a high risk of harm to persons or property</li><li>Academic service activities involving affiliation with an organization which, if made known to the general public, may result in risk of bodily or other harm to the individual</li></ul><p><a class="ck-anchor" id="ferpa"><strong>Learner Information</strong></a></p><p>The Family Educational Rights and Privacy Act (FERPA) protects from disclosure most records that are directly related to a learner and that are maintained by UCSF or a party acting for UCSF. Learner information includes but is not limited to the following:</p><ul><li>Grades, exam papers, and test scores</li><li>Class lists</li><li>Learner course schedules</li><li>Evaluations and disciplinary records</li><li>Learner financial records</li><li>Directory information for learners who have requested that information about them not be released as public information</li><li>Employment records of a learner, if the learner's employment is contingent upon the fact that he or she is a learner</li></ul><p><a class="ck-anchor" id="DONOR"><strong>Donor Information</strong></a></p><p>Donor Information is information about financial asset donations that has a stated purpose at the bequest of the donor, and includes but is not limited to:</p><ul><li>Donor's full name</li><li>Donor contact information</li><li>Securities donated</li><li>Real estate donations</li><li>Planned giving arrangements</li><li>Amount/value donated</li></ul><p><a class="ck-anchor" id="LIT"><strong>Current Litigation/Investigation Materials</strong></a></p><p>Current litigation materials are electronically stored information that pertains to a current litigation hold implemented by UCSF’s Office of General Counsel. These materials include but are not limited to:</p><ul><li>Word, Excel, PowerPoint, or other office application documents</li><li>PDF documents</li><li>E-mail</li><li>Calendar items</li><li>Electronic voice mail</li><li>USB drives</li></ul><p><a class="ck-anchor" id="CONTR"><strong>Contracts</strong></a></p><p>Contracts are electronic copies of agreements, to which UCSF is a party, creating obligations enforceable by law. Electronic contracts include but are not limited to the following formats:</p><ul><li>Word documents</li><li>PDFs</li><li>Scanned images</li></ul><p><a class="ck-anchor" id="BUILD"><strong>Physical Building Designs</strong></a></p><p>Physical building designs are defined as detailed floor plans, architectural drawings, or other renderings that show restricted areas, animal care facilities, mechanical spaces, or other spaces in the buildings not considered accessible for public use. Physical building designs include but are not limited to the following formats:</p><ul><li>Office documents (Visio, Word, etc.)</li><li>Autocad</li><li>PDFs</li><li>Images</li><li>Videos</li></ul><p><a class="ck-anchor" id="FIN"><strong>Financial Information</strong></a></p><p>Financial information includes monetary facts about UCSF and/or other parties who participate in financial transactions with UCSF that are used in billing, credit assessment, loan transactions, and other similar activities, that must be protected prior to release in accordance with the California Public Records Act or other disclosures required by law. Financial Information includes but is not limited to:</p><ul><li>Taxpayer identification numbers</li><li>Credit ratings</li><li>Account numbers</li><li>Account balances</li></ul><h2>Internal Data Types</h2><p><a class="ck-anchor" id="PUBDIR"><strong>Public Directory Information</strong></a></p><p>Public directory information includes information about academic personnel, staff personnel, and learners that is designated as public information in accordance with UCOP policy, and includes but is not limited to the following:</p><ol><li><a href="http://www.ucop.edu/academic-personnel-programs/_files/apm/apm-160.pdf">Non-Personal Academic Personnel Information</a>:<ul><li>Name</li><li>Date of hire or separation</li><li>Current position title</li><li>Current rate of pay</li><li>Organization unit assignment including office address and telephone number</li><li>Full-time, part-time, or other employment status</li></ul></li><li><a href="http://policy.ucop.edu/doc/4010419">Staff Personnel Records Designated as “Public Information”</a><ul><li>Name</li><li>Date of hire</li><li>Current position title</li><li>Current salary</li><li>Organizational unit assignment</li><li>Date of separation</li><li>Office address and office telephone number</li><li>Current job description</li><li>Full-time or part-time, and appointment type</li></ul></li><li><a href="https://studentlife.ucsf.edu/13000-policies-applying-disclosure-information-student-records">Public Student Directory Information</a> (unless a learner notifies UCSF in writing or via electronic procedures that any or all of these may not be disclosed (FERPA block))<ul><li>Name</li><li>Address (local and/or permanent)</li><li>E-mail address</li><li>Telephone numbers</li><li>Date and place of birth</li><li>Field(s) of study</li><li>Dates of attendance</li><li>Grade level</li><li>Enrollment status</li><li>Number of course units in which enrolled</li><li>Degrees and honors received</li><li>Most recent previous education institution attended</li><li>Photo</li><li>Participation in officially recognized activities, including athletics</li><li>For participants on intercollegiate University athletic teams: name, weight, and height</li></ul></li></ol><p>&nbsp;</p></div> </div> <div class="row"> <div class="ownership-well"> <ul class="list-group"> <li class="list-group-item"> <strong class="field__label">Owning Team: </strong> <a href="/directory/team/it-security" hreflang="en">IT Security</a> </li> <li class="list-group-item"></li> </ul> </div> </div> <div class="row"> <div class="related-content"> <div class="row"> <div class="related-content-title"> <h2 class="title">Related Information</h2><div class="flare"></div> </div> <ul class="list-group"> <li class="list-group-item list-group-title"><a href="/standards-and-guidelines/ucsf-650-16-addendum-b-ucsf-minimum-security-standards-electronic-information" hreflang="en">UCSF 650-16 Addendum B - UCSF Minimum Security Standards for Electronic Information Resources</a></li> </ul> </div> <div class="views-element-container block block-views block-views-blockrelated-news-block-1"> <div><div class="view view-related-news view-id-related_news view-display-id-block_1 js-view-dom-id-140deae83e9654caafe27260b3de28bd7605fd2683c3385c2d18a5e6f7ad3917"> <div class="view-header"> <div class="related-content-title"><h2 class="title">Related News</h2><div class="flare"></div></div> </div> <div class="view-content"> <div> <ul class="list-group"> <li class="list-group-item list-group-title"><div class="views-field views-field-title"><span class="field-content"><a href="/news-events/news/follow-uc-and-ucsf-it-security-policies-protect-ucsfs-patients-research-learners" hreflang="en">Follow UC and UCSF IT Security Policies to Protect UCSF’s Patients, Research, Learners, and Employees</a></span></div><span class="views-field views-field-uid"><span class="field-content">Esther Silver</span></span>/<span class="views-field views-field-field-news-date"><span class="field-content">Tuesday, May 14, 2024</span></span></li> <li class="list-group-item list-group-title"><div class="views-field views-field-title"><span class="field-content"><a href="/news-events/news/know-your-role-protecting-ucsf-data" hreflang="en">Know Your Role in Protecting UCSF Data</a></span></div><span class="views-field views-field-uid"><span class="field-content">Esther Silver</span></span>/<span class="views-field views-field-field-news-date"><span class="field-content">Wednesday, December 20, 2023</span></span></li> </ul> </div> </div> </div> </div> </div> </div> </div> </main> <aside class="sidebar"> <div class="mobile-sidebar-controls"><div class="toggle-sidebar"></div><span>Section Menu</span></div> <div class="views-element-container block block-views block-views-blockhierarchical-sidebar-content--block-3"> <div><div class="view view-hierarchical-sidebar-content- view-id-hierarchical_sidebar_content_ view-display-id-block_3 js-view-dom-id-d469305c84bb571f8cafaae246665c71503cf949a2ba45abe5588d379fc471a8"> <div class="view-content"> <div><div class="views-field views-field-title sidebar-menu"><div class="field-content menu-heading">IT Security Outreach and Training</div></div> <div><ul class="sidebar-menu"><li><a class="depth-0" href="/how-to/information-security-everyones-responsibility">Information Security Is Everyone&#039;s Responsibility </a> </li><li><a class="depth-0" href="/how-to/it-security-awareness-stay-sharp-stay-safe">IT Security Awareness - Stay Sharp to Stay Safe</a> </li><li><a class="depth-0" href="/how-to/it-security-and-awareness-champion-program-overview">IT Security and Awareness Champion Program: Overview</a> </li><li><a class="depth-0" href="/how-to/view-it-security-awareness-videos">View IT Security Awareness Videos</a> </li><li><a class="depth-0" href="/how-to/request-it-security-awareness-posters">Request IT Security Awareness Posters</a> </li><li><a class="depth-0" href="/how-to/it-security-orientations-and-education">IT Security Orientations and Education</a> </li><li><a class="depth-0" href="/how-to/it-security-educational-meetings-and-webinars">IT Security Educational Meetings and Webinars</a> </li><li><a class="depth-0" href="/how-to/advanced-it-security-training-ucsf-learning-management-system">Advanced IT Security Training on the UCSF Learning Management System</a> </li></ul></div></div> </div> </div> </div> </div> </aside> </div> </div> </article> </div> </div> </div> </main> <footer class="global-footer" role="contentinfo"> <div class="container-lg"> <div class="flex-row"> <div class="col"> <figure class="logo"> <a href="/" aria-current="page" class="logo__link" title="Home" rel="home"> <picture class="logo__image"> <img src="/themes/custom/its_default/img/ucsf-it-logo-white.svg" alt="Home" class="logo__img"> </picture> </a> </figure> </div> <div class="col"> <div class="region-footer-col1"> <nav role="navigation" aria-labelledby="block-footercol1-menu" id="block-footercol1" class="block block-menu navigation menu--footer-col-1"> <h2 class="visually-hidden" id="block-footercol1-menu">Footer Col 1</h2> <ul class="menu"> <li class="menu-item"> <a href="/status">Status </a> </li> <li class="menu-item"> <a href="/services">Services </a> </li> <li class="menu-item"> <a href="/how-to">How To </a> </li> <li class="menu-item"> <a href="/news-events">News &amp; Events </a> </li> </ul> </nav> </div> </div> <div class="col"> <div class="region-footer-col2"> <nav role="navigation" aria-labelledby="block-footercol2-menu" id="block-footercol2" class="block block-menu navigation menu--footer-col-2"> <h2 class="visually-hidden" id="block-footercol2-menu">Footer Col 2</h2> <ul class="menu"> <li class="menu-item"> <a href="/about-us">About </a> </li> <li class="menu-item"> <a href="/directory">IT Directory </a> </li> <li class="menu-item"> <a href="/standard-guideline">Standards &amp; Guidelines </a> </li> </ul> </nav> </div> </div> <div class="col"> <div class="region-footer-col3"> <nav role="navigation" aria-labelledby="block-footercol3-menu" id="block-footercol3" class="block block-menu navigation menu--footer-col-3"> <h2 class="visually-hidden" id="block-footercol3-menu">Footer Col 3</h2> <li class="menu-item"> <a href="https://help.ucsf.edu">Get Help</a> </li> <li class="menu-item"> <a href="https://recognize.ucsf.edu">Recognize IT Staff</a> </li> </nav> </div> <div class="modal-wrapper" data-sn-modal> <div role="dialog" aria-labelledby="modal-title" aria-modal="true" class="modal" style="z-index: 10;"> <div class="service-now-modal"> <button aria-label="close reveal" role="button" tabindex="0" class="close-modal"> <svg aria-hidden="true" focusable="false" data-prefix="far" data-icon="times" role="presentation" xmlns="http://www.w3.org/2000/svg" viewbox="0 0 320 512" class="svg-inline--fa fa-times fa-w-10"> <path fill="currentColor" d="M207.6 256l107.72-107.72c6.23-6.23 6.23-16.34 0-22.58l-25.03-25.03c-6.23-6.23-16.34-6.23-22.58 0L160 208.4 52.28 100.68c-6.23-6.23-16.34-6.23-22.58 0L4.68 125.7c-6.23 6.23-6.23 16.34 0 22.58L112.4 256 4.68 363.72c-6.23 6.23-6.23 16.34 0 22.58l25.03 25.03c6.23 6.23 16.34 6.23 22.58 0L160 303.6l107.72 107.72c6.23 6.23 16.34 6.23 22.58 0l25.03-25.03c6.23-6.23 6.23-16.34 0-22.58L207.6 256z" class=""></path> </svg> </button> <h1 id="modal-title">Submit a Support Inquiry</h1> <p>For emergencies and high priority issues please call the IT Service Desk (415) 514-4100</p> <p class="validation-message"></p> <form> <div class="description-radios"> <div class="radio"> <input name="u_short_description" type="radio" id="one" value="The content on this page has an error…" checked> <label for="one">The content on this page has an error…</label> </div> <div class="radio"> <input name="u_short_description" type="radio" id="two" value="The page doesn’t work right…"> <label for="two">The page doesn’t work right…</label> </div> </div> <div class="description-custom" hidden> <label for="u_short_description">Short Description</label> <div> <input type="text" id="u_short_description" name="u_short_description" disabled required/> </div> </div> <label for="u_long_description">Please provide a detailed description of the issue:</label> <div> <textarea id="u_long_description" name="u_long_description" rows="5" cols="60" required></textarea> </div> <button class="btn btn-secondary" type="submit">Submit</button> </form> </div> </div> <div class="overlay"></div> </div> </div> <div class="col"> <div class="region-footer-social-links"> <nav> <ul class="social-links"> <li> <a href="https://www.facebook.com/ucsf"> <svg aria-hidden="true" focusable="false" data-prefix="fab" data-icon="facebook" role="presentation" xmlns="http://www.w3.org/2000/svg" viewbox="0 0 512 512" class="svg-inline--fa fa-facebook fa-w-16"> <path fill="currentColor" d="M504 256C504 119 393 8 256 8S8 119 8 256c0 123.78 90.69 226.38 209.25 245V327.69h-63V256h63v-54.64c0-62.15 37-96.48 93.67-96.48 27.14 0 55.52 4.84 55.52 4.84v61h-31.28c-30.8 0-40.41 19.12-40.41 38.73V256h68.78l-11 71.69h-57.78V501C413.31 482.38 504 379.78 504 256z" class=""></path> </svg> <span class="hide-visually-offscreen">Facebook</span> </a> </li> <li> <a href="https://twitter.com/ucsf"> <svg aria-hidden="true" focusable="false" data-icon="twitter" role="presentation" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512" class="svg-inline--fa fa-w-16"> <path fill="currentColor" d="M389.2 48h70.6L305.6 224.2 487 464H345L233.7 318.6 106.5 464H35.8L200.7 275.5 26.8 48H172.4L272.9 180.9 389.2 48zM364.4 421.8h39.1L151.1 88h-42L364.4 421.8z"/> </svg> <span class="hide-visually-offscreen">Twitter</span> </a> </li> <li> <a href="https://www.youtube.com/ucsf"> <svg aria-hidden="true" focusable="false" data-prefix="fab" data-icon="youtube" role="presentation" xmlns="http://www.w3.org/2000/svg" viewbox="0 0 576 512" class="svg-inline--fa fa-youtube fa-w-18"> <path fill="currentColor" d="M549.655 124.083c-6.281-23.65-24.787-42.276-48.284-48.597C458.781 64 288 64 288 64S117.22 64 74.629 75.486c-23.497 6.322-42.003 24.947-48.284 48.597-11.412 42.867-11.412 132.305-11.412 132.305s0 89.438 11.412 132.305c6.281 23.65 24.787 41.5 48.284 47.821C117.22 448 288 448 288 448s170.78 0 213.371-11.486c23.497-6.321 42.003-24.171 48.284-47.821 11.412-42.867 11.412-132.305 11.412-132.305s0-89.438-11.412-132.305zm-317.51 213.508V175.185l142.739 81.205-142.739 81.201z" class=""></path> </svg> <span class="hide-visually-offscreen">YouTube</span> </a> </li> <li> <a href="https://www.instagram.com/ucsf/"> <svg aria-hidden="true" focusable="false" data-prefix="fab" data-icon="instagram" role="presentation" xmlns="http://www.w3.org/2000/svg" viewbox="0 0 448 512" class="svg-inline--fa fa-instagram fa-w-14"> <path fill="currentColor" d="M224.1 141c-63.6 0-114.9 51.3-114.9 114.9s51.3 114.9 114.9 114.9S339 319.5 339 255.9 287.7 141 224.1 141zm0 189.6c-41.1 0-74.7-33.5-74.7-74.7s33.5-74.7 74.7-74.7 74.7 33.5 74.7 74.7-33.6 74.7-74.7 74.7zm146.4-194.3c0 14.9-12 26.8-26.8 26.8-14.9 0-26.8-12-26.8-26.8s12-26.8 26.8-26.8 26.8 12 26.8 26.8zm76.1 27.2c-1.7-35.9-9.9-67.7-36.2-93.9-26.2-26.2-58-34.4-93.9-36.2-37-2.1-147.9-2.1-184.9 0-35.8 1.7-67.6 9.9-93.9 36.1s-34.4 58-36.2 93.9c-2.1 37-2.1 147.9 0 184.9 1.7 35.9 9.9 67.7 36.2 93.9s58 34.4 93.9 36.2c37 2.1 147.9 2.1 184.9 0 35.9-1.7 67.7-9.9 93.9-36.2 26.2-26.2 34.4-58 36.2-93.9 2.1-37 2.1-147.8 0-184.8zM398.8 388c-7.8 19.6-22.9 34.7-42.6 42.6-29.5 11.7-99.5 9-132.1 9s-102.7 2.6-132.1-9c-19.6-7.8-34.7-22.9-42.6-42.6-11.7-29.5-9-99.5-9-132.1s-2.6-102.7 9-132.1c7.8-19.6 22.9-34.7 42.6-42.6 29.5-11.7 99.5-9 132.1-9s102.7-2.6 132.1 9c19.6 7.8 34.7 22.9 42.6 42.6 11.7 29.5 9 99.5 9 132.1s2.7 102.7-9 132.1z" class=""></path> </svg> <span class="hide-visually-offscreen">Instagram</span> </a> </li> </ul> </nav> </div> </div> </div><hr><div class="flex-row"> <p>&copy; 2025 The Regents of the University of California</p> </div> </div> </footer> </div> </div> <script type="application/json" data-drupal-selector="drupal-settings-json">{"path":{"baseUrl":"\/","pathPrefix":"","currentPath":"node\/48310","currentPathIsAdmin":false,"isFront":false,"currentLanguage":"en"},"pluralDelimiter":"\u0003","suppressDeprecationErrors":true,"ajaxPageState":{"libraries":"eJxVj1EOAiEMRC-EcKRNFwrWFGpocV1PL9E16k87mZdMZkAVbaF2wWjSQ1T162CeXqY7qosMqntYQfGjK6pC-bImaTLpGFIfV2APwyRKvc6UAzTpFZge6DJDWaBJ-8S4LM1gQ5WK4Ud7vRVHpkvCDIPtxU4H_AOFZQU-qe1MrThF6PG8_JYIdsaZWKnRrOHnSKe7Gtb3rhvhpuF1fZU0GN2Ga56dw_F9ImApT4cdda8","theme":"its_default","theme_token":null},"ajaxTrustedUrl":[],"component":{"plugins":[]},"search_autocomplete":{"service_search":{"source":"\/callback\/nodes","selector":"#service-list-search","minChars":2,"maxSuggestions":10,"autoSubmit":true,"autoRedirect":false,"theme":"minimal","filters":["q","title"],"noResult":{"group":{"group_id":"no_results"},"label":"No results found for [search-phrase]. Click to perform full search.","value":"[search-phrase]","link":""},"moreResults":{"group":{"group_id":"more_results"},"label":"View all results for [search-phrase].","value":"[search-phrase]","link":""}}},"css_js_query_string":"sromso","webform":{"dialog":{"options":{"narrow":{"title":"Narrow","width":600},"normal":{"title":"Normal","width":800},"wide":{"title":"Wide","width":1000}},"entity_type":"node","entity_id":"48310"}},"user":{"uid":0,"permissionsHash":"f4bc137c3b0e0417208499cfcce574068aa7e6d23310565c0f8c756bdf849489"}}</script> <script src="/sites/it.ucsf.edu/files/js/js_VrRdbqTfEA4XKKuZkwgd1OFu9IGC8g79MSKEnM9KiIc.js?scope=footer&amp;delta=0&amp;language=en&amp;theme=its_default&amp;include=eJxVjutyAyEIhV-I6CPtsIqGDkpGMNvt09d2tp3kD7cDHwfNyDfuH5RcR0xmYZ8ia1b4kwyKdseDTBvFlzrYs4IRjnTfcLombY91RNHvtNTGnRtKWDhIOijmMR-rf10FO82pxR2NIAmanW91IzOsdAG6jgXkLwJ22zIVnOKxiu4oN_NTuNc36cfs7XILB-1lAeKVQ2YUrfBkOiz-xtA0T_l_3jUTFMG6Ydf-5-Ub1bZ1rw"></script> <script src="/themes/custom/its_default/js/main.js?sromso" type="module"></script> <script src="/sites/it.ucsf.edu/files/js/js_KrvVL5yuqzAxqzdfJlVarZSqLY8baXIiEOcFUw-MlEI.js?scope=footer&amp;delta=2&amp;language=en&amp;theme=its_default&amp;include=eJxVjutyAyEIhV-I6CPtsIqGDkpGMNvt09d2tp3kD7cDHwfNyDfuH5RcR0xmYZ8ia1b4kwyKdseDTBvFlzrYs4IRjnTfcLombY91RNHvtNTGnRtKWDhIOijmMR-rf10FO82pxR2NIAmanW91IzOsdAG6jgXkLwJ22zIVnOKxiu4oN_NTuNc36cfs7XILB-1lAeKVQ2YUrfBkOiz-xtA0T_l_3jUTFMG6Ydf-5-Ub1bZ1rw"></script> <script type="text/javascript"> /*<![CDATA[*/ (function() { var sz = document.createElement('script'); sz.type = 'text/javascript'; sz.async = true; sz.src = '//siteimproveanalytics.com/js/siteanalyze_8343.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(sz, s); })(); /*]]>*/ </script> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10