Privacy and Access to Information

University Records

Access to Records

Members of the public may access records held by the University of California, Irvine by submitting a request to the Public Records Office (PRO).

Under the California Public Records Act (CPRA)  “every person has a right to inspect any public record” (Govt. Code § 6253(a)). This right of access is guaranteed by the CPRA under the principle that, as a public institution, the University's business is subject to public scrutiny. However, certain information is protected and exempt from release under the CPRA and personal privacy is largely protected under the   California Information Practices Act of 1977 (IPA), the   Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the   Family Educational Rights and Privacy Act (FERPA). Additionally, with very limited exceptions, every individual has broad access rights to records containing personal information about themselves under the   California Information Practices Act of 1977 (IPA). The   PRO  can provide additional information about the request process and the types of information that are typically disclosable or exempt.

Requests for records held by the University may be made to the PRO under the CPRA or the IPA.

If you would like to make a records request, or if you are a University employee and have received a records request, please direct your correspondence directly to the PRO via email at, by fax at (949) 725-2862, or by phone at (949) 824-9639. Requests may also be mailed to us at:

University of California, Irvine
Attn: Public Records Office
Irvine, CA 92697-1430

Please see the PRO's " How to Make a Request" and " For UCI Employees" pages for more information.

Public Records Act Requests:

Public Records Office
Irvine, CA 92697-1430

Phone: (949) 824-9639
Facsimile: (949) 725-2862

Federal Laws
Family Educational Rights and Privacy Act (FERPA)
Health Insurance Portability and Accountability Act of 1996 (HIPAA)

State Laws
California Public Records Act
California Information Practices Act of 1977

UC Business and Finance Bulletins
  RMP-7, Privacy of and Access to Information Responsibilities
  RMP-12, Guidelines for Assuring Privacy of Personal Information in Mailing Lists and Telephone Directories

UC Records Management & Retention
  UC Records Retention Schedule
  UCI Records Management

UC Academic Personnel Manual
  Section 160, General University Policy Regarding Academic Appointees: Academic Personnel Records/Maintenance of, Access to, and Opportunity to Request Amendment of

UCI Administrative Policies & Procedures
  Section 720-10, Information from Public Records (California Public Records Act) - Guidelines
  Section 720-11, Privacy of and Access to Information (Excluding Student Records) - Guidelines
  Procedure 80, Staff Personnel Records

Student Records

The UCI University Registrar's office is responsible for student records.

Family Education Rights and Privacy Act Coordinator & UCI Registrar
(949) 824-9672

Federal Regulation
Federal Family Educational Rights & Privacy Act of 1974

University Policies Applying to Campus Activities, Organizations, and Students
  Section 130, UC Policies Applying to the Disclosure of Information from Student Records
  Section 130, Campus Policies Applying to the Disclosure of Information from Student Records

UCI Administrative Policies & Procedures
  Section 720-12, Student and Student Applicant Records - Guidelines

Medical Records / Health Information

The University must comply with HIPAA (Health Insurance Portability and Accountability Act) requirements. These govern the provision of health benefits, the delivery of and payment for healthcare services, and the security and confidentiality of individually identifiable, protected health information (PHI). Protected information may be in any written, electronic, or oral formats collected by University employees in the course of patient care activities at:

UC Irvine Medical Center
College of Health Sciences
Student Health Center
Counseling Center

Other academic and service units that provide treatment, generate or use PHI, conduct electronic billing using PHI, or otherwise have access to such information in the course or scope of the work of the unit or the individual employee.

The "Privacy Rule" refers to the Department of Health & Human Services regulation, Standards for Privacy of Individually Identifiable Health Information, which is applicable to entities covered by HIPAA. The privacy provisions of HIPAA apply to health information created or maintained by health care providers who engage in certain electronic transactions, health plans, and health care clearinghouses. (State laws with stronger privacy protections take precedence over and above the HIPAA Privacy Rule.)

HIPAA may also affect research that uses, creates, or discloses PHI. Researchers have legitimate needs to use, access, and disclose PHI to carry out a wide range of health research studies. The Privacy Rule creates standards that protect a patient or member's medical records and personal health information while providing ways for researchers to access and use PHI when necessary to conduct research.