I. PURPOSE

This section describes CA&ES Dean's Office policy and procedures needed to comply with the UCD campus Cyber-Safety computing policy with regards to the storing and removal of Restricted Personal Information from computers and other electronic devices.

II. DEFINITIONS

A. Cyber-Safety - UCDavis' campus computing security program and related policies

B. Restricted Personal Information - A person's name, Social Security number, driver's license number and financial account information.

III. GENERAL POLICY

A. Storage of Restricted Personal Information. Storage of Restricted Personal Information on computers on which it is not required for work purposes is prohibited.

B. Removal of Restricted Personal Information. Restricted Personal Information on computers on which it is not required for work purposes shall be removed.

C. Devices which may not store Restricted Personal Information. Restricted Personal Information may not be stored on desktop computers in the Dean's Office.

D. Devices which may store Restricted Personal Information. Restricted electronic information may be stored on server computers in the CA&ES Dean's Office as necessary. Restricted Personal Information may also be stored on laptop computers or other mobile devices as necessary, but the data must be encrypted.

IV. REFERENCES AND RELATED POLICY

UC Davis Policy and Procedure Manual Section 320-20 Privacy of and Access to Information
http://manuals.ucdavis.edu/ppm/320/320-20.pdf

UC Davis Policy and Procedure Manual Section 320-22 Collection and Confidentiality of Social Security Numbers
http://manuals.ucdavis.edu/ppm/320/320-22.pdf

Cyber-Safety Web Site
https://security.ucdavis.edu/personalinfo.html

Cyber-Safety Policy for Personal Information
http://security.ucdavis.edu/personalinfo.html