IT Security

For guidance related to compliance with the HIPAA Security Rule, please contact the following:

Medical Center IT Security Department (IT)

Information Technology Support is available by:
Web: http://it.ucsfmedicalcenter.org
Phone: (415) 514-4100, Option 1

Campus IT Security Department (OAAIS)

OAAIS Customer Support is available by:
Web: http://security.ucsf.edu/
Phone: (415) 514-4100, Option 2

Guidance for Lost/ Stolen Mobile Device and/or Media

• How to Report?
• Incident Investigation Process

Secure Email Guidelines

If you are using email to send UCSF confidential or patient information then you are responsible for ensuring that this information is processed securely by using UCSF Secure Email. UCSF Secure Email system works by placing your outbound email message on a secure web site called UCSF Secure Messenger. The recipient receives an email message from the Secure Messenger indicating that there is a secure email message waiting for them at the UCSF secure website, along with a web link to the UCSF secure web site. By accessing the web link, the recipient will be able to retrieve the message over a secure link.  Detailed instructions are available at:

• Medical Center Information Technology (Intranet)
• Office of Academic and Administrative Information Systems (OAAIS)
• School of Medicine Information Service Unit (ISU)
• How to send a Secure Email?

How To Use the Secure Email System Correctly:

1. The start of the subject line must be precise in order to enable security.
2. The subject line should start with ePHI, PHI, or Secure at the beginning of the subject field followed by a colon and then a space. Example of appropriate email subject lines:

ePHI: Your Appointment

PHI: Your Appointment

Secure: Your Appointment