Skip UCSF navigation|About accessibility UCSF University of California, San Francisco
About UCSF
Search UCSF
UCSF Medical Center
End of UCSF navigation
Skip breadcrumbs navigationUCSF which contains School of Pharmacy which contains PharmD Degree Program which contains Information for Current Students which contains Computer Services which contains E-mail which contains Set Up E-mail which contains Set Up Apple iPhone & iPod touch
School of Pharmacy
Set Up E-mail
Overview |

End of section-level navigation

Set Up Apple iPhone & iPod touch

These instructions for students describe how to set up your Apple iPhone or Apple iPod Touch to connect to your UCSF email account. For other methods of connecting to UCSF email, see Set Up E-mail. If you encounter a problem during setup, see Resolve E-mail Problems.

Understanding the risks

Before you set up email as described below, we want you to know that by doing so you agree to potential financial liabilities and possible disciplinary action if you fail to keep confidential legally protected patient care data.

  1. Federal and state laws and University policy state or imply that information security is your responsibility.
  2. You cannot predict when someone you work with will send unencrypted confidential information to your email account.
  3. You cannot predict when you might lose your device or it is stolen.
  4. Not all smartphones and handheld computers store and delete data securely (e.g., stored encrypted, deleted by writing the medium with multiple passes of data).
  5. Even devices thought to be secure might later be found to be insecure. Examples: Apple Patches iPhone SMS Security Hole With Software Update and Hacker Says iPhone 3GS Encryption Is 'Useless' for Businesses.
  6. When you report a lost or stolen device in a timely manner, ActiveSync-connected devices can be remotely erased upon request, and both your timely reporting and the device's timely erasure significantly increase the chances that the penalties will be less severe or none at all. If later found or returned, your device can be restored from a backup you might have.
  7. If applicable, you will be held personally liable -- up to $250,000 per violation.
  8. Even if you are found personally liable, that does not necessarily exonerate the University from financial liability, and the University also has an interest in protecting its reputation.
  9. If applicable, CalOHII might notify the licensing board of a violation, which could affect your ability to practice.

Two methods are described below. One is lower-risk, and the other is higher-risk.

Lower-Risk

Use Safari on your iPhone to check UCSF Webmail at http://exchange.ucsf.edu. Webmail will always connect securely by default. This method has fewer risks than the method below, but it is more cumbersome to use.

Higher-Risk

This method describes how to configure the Mail application on your device to connect to UCSF email.

September 2009: Apple has not yet responded to a research scientist's July 14, 2009, claims that all models of the iPhone (and presumably iPod Touch) are insecure from a real-world perspective. (See Hacker Says iPhone 3GS Encryption Is 'Useless' for Businesses and iPhone Insecurity.) The connection method described below still works, but at this time UCSF recommends against using it until this issue is resolved.

iPhone users: If you have an original iPhone or an iPhone 3G, the instructions below will work for you today, but at some future date yet to be determined these devices will no longer be permitted to connect to UCSF email using the method below because they do not support hardware encryption. At that time, we recommend that you remove the UCSF email settings from your iPhone, back up your iPhone, securely erase it, then restore your iPhone from the backup. If you have an iPhone 3GS or later, your device supports hardware encryption and will not be affected by this forthcoming policy implementation.

About our security requirements

When you set up your iPhone or iPod Touch to check UCSF email using the instructions below, your device is automatically configured with the following security measures:

  1. Your device must use a password of at least 4 characters to unlock the device.
  2. After 15 minutes of inactivity, you must re-enter your password.
  3. After 7 failed login attempts, your device is automatically erased.
  4. At any time, and with your permission, UCSF email administrators can remotely erase your device if it is lost or stolen.

These measures increase the overall level of information security since UCSF people do, at varying rates, send and receive confidential information in email. If any of these security measures are disabled, UCSF email will no longer be delivered to or from your device.

Setup instructions

Before you begin, you need to know how to check your UCSF email account to complete this setup process. If you have never checked UCSF email before, see Set Up Webmail.

  1. Log in to help@UCSF Web Application Login using these credentials:

      What is it? Example
    UserID your SAA User ID sf123456
    Password your 8-digit birthdate in yyyymmdd format 19860701

    The ActiveSync Device Activation Request Form appears. If you encounter a problem at this step, see Resolve E-mail Problems.

  2. Complete the form, then select Activate to submit it. The system sends a confirmation request to your UCSF email address. If you encounter a problem at this step, see Resolve E-mail Problems.
  3. Check your UCSF email account, and visit the URL provided in the message. If you encounter a problem at this step, see Resolve E-mail Problems.
  4. Configure your iPhone or iPod Touch: iPhone ActiveSync Configuration. The dialogs you encounter might look slightly differently than what our instructions describe, but the settings will be mostly the same and should work. Your iPhone or iPod Touch should now be able to send and receive email for your UCSF email account. If you encounter a problem at this step, see Resolve E-mail Problems.

Before selling or disposing of your iPhone or iPod Touch

If your iPhone or iPod Touch contained any unencrypted and legally protected information, California and federal laws and University policy require you to securely erase the computer's hard drive so that thieves cannot retrieve any confidential data that you might have deleted but which remain on the device undetectable by you. Details: See column 2 at Computer Recycling.

Report a lost or stolen iPhone or iPod Touch

California and federal laws and University policy require you to report a lost or stolen iPhone or iPod Touch if it stored any unencrypted and legally protected information. UCSF Customer Support can remotely erase your ActiveSync-connected iPhone or iPod Touch upon request. Details: Report a lost or stolen iPhone. For details about reporting requirements, see About Privacy.

Back up your data

We recommend that you confirm that iTunes is successfully backing up your iPhone or iPod Touch and that the encrypted backup checkbox is selected. Details: iPhone and iPod Touch: About backups.

Questions?

If you encounter a problem during setup, see Resolve E-mail Problems.

Related Links

How to connect to UCSF wireless

Shortcut to This Page

To reach this page quickly or share it with others, use pharmacy.ucsf.edu/go/iphone, which redirects to a longer URL.

Go To: Set Up E-mail