Computer Systems: About Us
Policies and Procedures
We follow standard operating procedures that support 21 CFR Part 11, Electronic Records and Signatures, the HIPAA Security Rule, and UC and campus IT policies. IT and DMG collaborate with department QA to ensure that procedures are in place to address procedures, training, security, change control, vendor management, and qualification and testing of network infrastructure and databases. Contact Susan Butler, QA Director, if you have questions or need assistance with validation requirements for your system or software.
User Policies and Standards
- Account Set-Up
- E-mail Use Guidelines
- Hardware/Software Purchasing
- New and Departing Employee Notification
- Password Standards
- Printer Use Guidelines
- Rules of Conduct for Handling Personal Data
- Security Incident Handling
Department Standard Operating Procedures
- SOP D03, External Data Transfer Controls
- SOP G01, Quality Assurance of Sub-contractors, Vendors, and Consultants
- SOP N01, IT Configuration Management
- SOP N02, IT Security
- SOP N03, IT Asset Management
- SOP N04, Back-up and Recovery of DEB Network and Systems
- SOP Q03, SOP Development and Maintenance
- SOP Q04, QA Training Program
- SOP S01, System Change Control
Campus Policies and Guidelines
- 650-12, Communications Cabling
- 650-13, Single Protocol Network Backbone
- 650-14, Network Gateway
- 650-15, Population Definition for UCSF Identity Management System
- 650-16, Information Security and Confidentiality
- HIPAA Handbook
- Implementation of the Electronic Communications Policy - Access Without Consent
- Network Security Best Practices
- Telecommuting Guidelines and Procedures
- Web Development Resources
- Wireless Networking Standards
- Whistleblower Policies and Procedures
UC Policies and Guidelines
- Electronic Communications Policy
- Encryption at UC: Overview and Recommendations
- BFB G-46, Guidance for the Purchase and Use of Cellular Phones and Other Portable Electronic Resources
- BFB IS-2, Inventory, Classification, and Release of University Electronic Information
- BFB IS-3, Electronic Information Security
- BFB IS-10, Systems Development and Maintenance Standards
- BFB IS-11, Identity and Access Management
- BFB IS-12, Continuity Planning and Disaster Recovery
- BFB RMP-8, Legal Requirements on Privacy and Access to Information
- Guidelines for HIPAA Security Rule Compliance