Works closely with departments to resolve identified issues

Based on a determination of the potential size and significance of the privacy violation, the CPO will alert Legal and Risk team and Senior Leadership. The Privacy Office is responsible for providing oversight and advisory assistance to the senior leadership of the affected department to ensure that appropriate remediation occurs. This process may include:

  • Identification of areas where different processes, technical measures, and/or individual monitoring might have prevented the privacy breach
  • Implementation and ongoing monitoring of process changes, technical measures, or individual disciplinary measures designed to prevent a breach in the future
  • Performance of a root cause analysis as necessary

Source :
https://policies.ucsf.edu/policy/200-30