APP Historical Revisions
This is a list of APP updates in chronological order, beginning with the most recent update. This list can be sorted by APP number.
Subscribe here to receive email notifications whenever there is a new or change to an APP.
Effective | APP | Description |
---|---|---|
1/05/2004 | Pol 420 | Breaches of Computerized Personal Information. This new policy describes circumstances when notification of a system security breach is required and identifies the campus officials responsible for responding. It also describes the responsibilities of Vice Chancellors and Deans for ensuring compliance in their respective units. |
8/01/2005 | Pol 420 | Breaches of Computerized Personal Information. This revised policy describes the responsibilities of designated Security Breach Coordinators and breaks down the procedures into two parts - Initial Reporting & Analysis and Security Breach Notification. An updated listing of Security Breach Coordinators and suggested Data Security Guidelines are attached to the policy. |
10/05/2005 | Pol 420 | Breaches of Computerized Personal Information. New Campus Security Breach Coordinator for Research Programs listed on Attachment A; additional principle added to list of Data Security Guidelines in Attachment B. |
11/23/2005 | Pol 420 | Breaches of Computerized Personal Information. New Campus Security Breach Coordinator for Medical Sciences and School of Medicine listed on Attachment A. |
12/01/2006 | Pol 420 | Breaches of Computerized Personal Information. The references to the Director, IT Policy have been changed to the Director, IT Security. Audit & Advisory Services will be notified of any potential security breach. The list of Campus Security Breach Coordinators has been revised. |
1/19/2007 | Pol 420 | Breaches of Computerized Personal Information. The Campus Security Breach Coordinator for Research Programs has been changed. |
5/21/2007 | Pol 420 | Breaches of Computerized Personal Information. This revised policy clarifies which campus officials have responsibilities for the security of data files containing Personal Information in their respective areas. The list of Security Breach Coordinators (Attachment A) has also been updated. |
7/06/2007 | Pol 420 | Breaches of Computerized Personal Information. Changes to a designated Security Breach Coordinator must be approved by the appropriate official and communicated to the Director, IT Security; list of Security Breach Coordinators has been updated. |
7/26/2007 | Pol 420 | Breaches of Computerized Personal Information. The title of the Security Breach Coordinator for the School of Engineering & Applied Science has been updated. |
10/11/2007 | Pol 420 | Breaches of Computerized Personal Information. This revised policy adds the provision for a substitute method of notice in the event of a security breach, in accordance with UC Business & Finance Bulletin IS-3. Also, the Security Breach Coordinator for Legal Affairs has been updated. |
2/27/2008 | Pol 420 | Breaches of Computerized Personal Information. This revised policy implements UC IS-3, which was revised to implement the provisions of State legislation enacted in January 2008. Specifically, medical and health insurance information were added to the definition of personal information. |
3/14/2008 | Pol 420 | Breaches of Computerized Personal Information. Consistent with UC IS-3, "Electronic Information Security," a Security Breach involving medical or health insurance information shall also be reported to the Executive Director, Medical Services, UCOP. |
4/16/2006 | Pol 420 | Breaches of Computerized Personal Information. Technical updates include reporting Security Breach incidents that involve medical or health insurance information to the appropriate UCLA HIPAA Privacy Officer and clarification that a Security Breach Coordinator is a role assumed by the IT Compliance Coordinator in each unit. The list of IT Compliance Coordinators has been updated. |
2/05/2009 | Pol 420 | Breaches of Computerized Personal Information. The list of Compliance Coordinators in Attachment A has been updated. |
5/05/2009 | Pol 420 | Breaches of Computerized Personal Information. The list of Compliance Coordinators in Attachment A has been updated. |
7/30/2009 | Pol 420 | Breaches of Computerized Personal Information. The list of Compliance Coordinators in Attachment A has been updated. |
1/05/2010 | Pol 420 | Breaches of Computerized Personal Information. The list of Compliance Coordinators in Attachment A has been updated. |
1/21/2010 | Pol 420 | Breaches of Computerized Personal Information. The list of Compliance Coordinators in Attachment A has been updated. |
2/05/2010 | Pol 420 | Breaches of Computerized Personal Information. The list of Compliance Coordinators in Attachment A has been updated. |
6/03/2010 | Pol 420 | Breaches of Computerized Personal Information. This updated policy includes changes to the Issuing Officer, Responsible Department, and corresponding changes to the designated lead campus authority (formerly the Associate Vice Chancellor - Information Technology, now the Administrative Vice Chancellor). |
1/24/2011 | Pol 420 | Breaches of Computerized Personal Information. The list of Compliance Coordinators in Attachment A has been updated. |
7/19/2011 | Pol 420 | Breaches of Computerized Personal Information. The list of Compliance Coordinators in Attachment A has been updated. |
5/01/2012 | Pol 420 | Breaches of Computerized Personal Information. This revised policy is aligned with protection requirements stated in UCLA Policy 404 - Protection of Electronically Stored Personal Information, and with systemwide procedures set forth in UC Bulletin IS-3, including use of the UC Privacy and Data Security Incident Response Plan. |
12/03/2014 | Pol 420 | Breaches of Computerized Personal Information. A technical update has been made to reflect a title change from "Director, Information Technology Security" to "Chief Information Security Officer." Substantively, the policy remains the same. |