...
- It is your responsibility to take privacy and security into consideration when making decisions about when it is and is not acceptable to use free/low cost services. All University and campus policies apply to all University data, whether on UC or non-UC systems. Most of these services typically include "click-to-accept" agreements that have not been reviewed or approved by UC and so may introduce security risks for your information and to the University. If you need help assessing these risks, don't hesitate to ask (see Resources, below)contact the campus or Health Affairs Information Security Officer.
- Restricted and confidential information must never be stored, received, processed or published on non-UC systems unless you have worked with Purchasing to ensure that a UC-approved agreement is in place that addresses information security and privacy requirements and concerns. Similarly, don't rely on external information systems or services for critical University business processes unless a UC-approved agreement is in place.
- The University cannot protect the privacy of your communications if you use one of these services, as it has no control over what occurs outside its borders.
...