In June of 2010, former UC President Mark Yudof convened the University of California Privacy and Information Security Steering Committee to perform a comprehensive review of the University’s current privacy and information security policy framework and to make recommendations about how the University should address near-term policy issues and longer-term governance issues related to privacy and information security.
I’m really, really proud of how this turned out, the result of many stellar people’s hard work. It’s particularly rewarding to see that implementation efforts are underway, with each campus designating a privacy official as a first step. (That would be me for UCLA, though my designation came before the report’s completion). Beyond UC, the definitional diagram may be the enduring part of this whole effort. (I have previously used a variant of this diagram that includes an additional label, IT security.)