The right to privacy is expressed in the California Constitution. The University of California similarly values privacy. Under the UC Statement of Privacy Values & Privacy Principles, privacy consists of (1) the individual’s ability to conduct activities without concern of or actual observation and (2) the appropriate protection, use, and release of information about individuals.
Data Privacy Day – January 28
In celebration of Data Privacy Day 2022, the UC campus privacy officers are hosting a Film Screening and Panel Discussion of the film, The Social Dilemma. You may either watch the film at home on Netflix or register for a free screening on the film on Friday, January 14, 2022 at 10am. Then, please join us as a panel of UC data and privacy experts discuss the film on January 28, 2022 at noon. For more information about this event, please visit the Data Privacy Day 2022 page of see the event details on the UCR Events Calendar.
In addition, the UC campus privacy officers have created the inaugural UC Data Privacy Award. The award will be given each year on January 28 to honor an employee or department that has demonstrated a commitment to UC's Privacy Principles during the previous year. To learn more about the award criteria and how to nominate an individual or department, please see the Data Privacy Award article on the UC IT Blog.
To learn more about Data Privacy Day, visit:
The UC Riverside privacy goals are derived from the UC Privacy Principles and include:
- Upholding academic integrity, intellectual freedom, and autonomy;
- Committing to the privacy values while also respecting obligations relating to transparency, accountability, and individual choice;
- Promoting stewardship of personal data handled by the campus;
- Ensuring an appropriate level of privacy through policies and procedures, especially as interpretations of privacy change over time;
- Raising awareness about privacy issues, laws and regulations.
Privacy Policies and Resources
In an effort to operationalize these privacy values and principles UCR and the UC System has developed policies and resources.
- Privacy Principles and Practices
- UC Electronic Communications Policy
- IS-3 Electronic Information Security
- BFB-RMP-7 Protection of Administrative Records Containing Personally Identifiable Information
- APM 160 Maintenance of, Access to, and Opportunity to Request Amendment of Academic Personnel Records
- PACAOS Section 130 – Policies Applying to the Disclosure of Information from Student Records
- For a more exhaustive list of system-wide policies and references, see UC Privacy Policies and Reference
- GDPR Resources
- For health privacy matters, such as HIPAA-related information, see the UCR School of Medicine Compliance Office web page.
- For student record privacy matters, such as FERPA-related information, see the UCR Office of the Registrar web page.
- For research privacy matters, such as FAQs about GDPR, see the Office of Research Integrity web page.
- 400-32 Electronic Information Security Policy
- 400-31 Electronic Communications Policy (ECP) Overview and Implementation at UCR
- 400-35 Information Systems (Access, Use, and Security)
- 400-60 Notification of Security Breaches Involving Personal Information
Privacy Laws and Regulations
Privacy laws and regulations, particularly related to data privacy, are relatively new and consistently evolving to keep up with new technologies and frameworks. Data privacy is not only concerned with keeping data confidential, but also with empowering individuals to understand what data are collected, how they are used, and to be a participant in that process where possible. UCOP provides information about the most important data privacy laws:
- California specific laws:
- Financial Information:
- Gramm-Leach-Bliley Act – Federal Trade Commission (FTC) Financial Privacy and Safeguarding Rules
- European privacy regulations:
Electronic Records Requests
The UC Electronic Communications Policy (ECP) specifies requirements for obtaining consent or authorization to access the electronic records of current employees and students and for using the “least perusal of contents and the least action necessary to resolve the situation.” UCR has established procedures for electronic records requests, including those that involve:
- Access With Consent
- Access Without Consent (AWOC)
- Former Employee Requests, and
- Data Preservation Requests.
For more information about these procedures, please visit the Data Request Procedures page.
Contact the campus privacy official:
Contact the UCR School of Medicine privacy official:
All UC campuses have a dedicated privacy official. Find a list here of all UC Campus Privacy Officials.