Update on Mandated Cybersecurity Training

by Erin S. Gore April 30, 2025

As part of a University of California system-wide mandate to complete annual cybersecurity training, UCSF will begin to limit or revoke access to critical systems for anyone whose training has expired as of May 21, 2025.

Dear Colleagues,

In response to the increasing threat of cyberattacks, University of California President Dr. Michael Drake and the UC Regents issued a system-wide cybersecurity mandate. As part of this, all UC faculty and staff are required to complete annual cybersecurity training.

To meet this requirement, UCSF will begin to limit or revoke access to critical systems for anyone whose training has expired as of May 21, 2025.

How to Check and Complete Your Training

If your training has almost expired, you will receive an email reminder to complete it in the UC Learning Center (https://courses.learning.ucsf.edu/).

To find your assigned training:

Go to your "Assigned Activities"
Or access the course directly UC Cyber Security Awareness Fundamentals
BCH Oakland employees can access training here: UCSF Cyber Security Awareness - Students, BCH Oakland, and Affiliates
Learn more about required trainings on the Mandatory Training website

What Happens If You Don't Complete Training

To protect our systems and data, UCSF will enforce the following steps for expired training:

Reminder emails - You will receive notifications as your training nears expiration. You may also check your status anytime in the UC Learning Center (https://courses.learning.ucsf.edu/).
Missed deadline - If you do not meet the training deadline, your MyAccess account will be disabled, blocking access to systems like BearBuy, HBS/MyTime, DocuSign, and MyExpense.
30 days overdue - You’ll be required to change your Active Directory account password daily.
60 days overdue - Your Active Directory account will be disabled, effectively revoking access to all UCSF systems. To maintain patient care, an emergency process is in place to help those with revoked access.

UCSF has taken steps to streamline compliance, including more accurate reporting. We hope these improvements will help achieve the 100% completion mandate.

We appreciate your vigilance to help keep UCSF resilient and secure.

Sincerely,

Erin S. Gore
Senior Vice Chancellor
Finance and Administration

Patrick Phelan
Chief Information Security Officer
UCSF IT

Questions about this article? Contact Office of The Chancellor