Protecting Students' Privacy

Everyone with access to information about a present or former student is responsible for complying with the law and university policies on the use, maintenance, and disclosure of student information.

• UCSB Best Practices for Securing Campus Electronic Information

• Cloud Services

• Password Management

• PC Management

Improper maintenance, disposal, or release of information about a present or former student is a disservice to our students and exposes the university to significant risk.

• Use a separate password for each service. Don’t use “Log in with…” or have the web browser remember your password.

• Never share your passwords with anyone. 

• Do not automatically forward UCSB email account to a personal email account (POP or IMAP). Use only your UCSB email account to conduct university business.

• Do not use phone/tablet “apps” for UCSB email (including Apple Mail, Gmail, or Outlook). 

• To access UCSB email on other devices, use the secure website log-in.

• When your work is complete, remember to log out and power down devices when not in use.

• Do not store confidential or restricted student data on a flash drive, personal computer, or non-UCSB contracted software (including cloud).

• Do not leave documents containing confidential student data in an unlocked area.

• Double-check email addresses before sending when the email contains confidential student data. 

• Need to send a file containing confidential student data?  Use http://Box.com instead of emailing.  It’s more secure, and the file can easily be deleted when its use has ended.

• Be aware of your surroundings. Use a screen protector to prevent others from viewing information on your screen. Take caution when discussing confidential information verbally--can others who do not have a legitimate educational interest overhear your conversation?

Report unauthorized release, access, or disposal of confidential student information to the Registrar and the Chief Information Security Officer.