University of California Office of the President (UCOP)
Campus
To assist campuses in implementing the GDPR requirements, UCOP’s GDPR team has developed a library of operational tools and advisories specifically designed for each required compliance process under GDPR. Resources accesible via the UC GDPR SharePoint site (Employee Authentication Required) include:
- GDPR Compliance Framework
- Legal Advisories
- Compliance Guidance, Tools, and Templates
- Information Technology Services Technical Requirements
- Training Materials
Procurement
To assist procurement offices in their duties additional documents have been added to the UC Systemwide Templates & Documents webpage. Please begin using the new versions of these documents. Specific instructions describing when and how each document should be used can be found under GDPR resources:
- Appendix - Data Security (DS)
- Appendix General Data Protection Regulation (GDPR)
- Addendum A - Scop of Processing Data
- Addendum B - Standard Contractual Clauses
The above documents can be accessed on the UC Procurement Services website under the Forms and Policies section and the password-protected site. For access to the password-protected site, please contact Barbara Waters at UCOP.
IRB Directors, Research Administrators, Researchers, and Research Staff
To assist IRB Directors, Research Administrators, Researchers, and Research Staff in their duties, the UCOP Research Policy Analysis and Coordination (RPAC) unit has issued a Research and Technology Transfer memo. The General Data Protection Regulation Notice and Consent Requirement memo provides information on the European Union’s General Data Protection Regulation notice and consent requirements in informed consent forms. The memo describes:
- Notice and consent requirements
- Special categories of personal data
- Personal data transfers to the United States
- Personal data to assign subjects to different treatments
Additional policies and guidance can be found on RPAC's General Data Protection Regulation webpage as well.
UC Berkeley (UCB)
Departments
- GDPR In One Slide (UCB)
- GDPR Made Simple (UCB)
- GDPR Applicability Decision Tool (UCB)
- GDPR Checklist for Higher Education (UCB)
- GDPR Data Inventory Survey (UCB)
Individuals
- Individual Data Subject Request form
- GDPR FAQs for Individuals Who Are Affiliated, But Not
Employed, by the University of California
External Links
European Commission and member state resources
- Full text of the General Data Protection Regulation
- Information Commissioner's Office (ICO) Guide to the General Data Protection Regulation
- Guidelines from the European Commission’s Article 29 Working Party
- Guide to the General Data Protection Regulation
- Data Protection: Rules for the protection of personal data inside and outside the EU
- Rules for Business and organizations
- The GDPR and You: Preparing for 2018
- GDPR and Organizations: 12 steps to being prepared
- GDPR interactive infographic
- GDPR Infographic
- Data Protection Impact Assessments
- GDPR Checklist
EduCause
International Association of Privacy Professsionals
US Department of Health and Human Services