Skip to Main Content
  • Recent
Privacy / HIPAA

The privacy of an individual is a personal and fundamental right that shall be respected and protected.
The CalVet Privacy Office is responsible for the development and maintenance of privacy policies, procedures, and guidance essential to safeguarding the collection, access, use, dissemination, and storage of protected health information (PHI) and personally identifiable information (PII).

Goals & Objectives

  • To restrict disclosure of personally identifiable information maintained by CalVet.

  • To grant individuals access to agency records maintained on them.

  • To grant individuals the right to amend agency records maintained on themselves upon a showing that the records are not accurate, relevant, timely or complete.

  • To establish practices that ensure CalVet complies with statutory norms for collection, maintenance, and dissemination or records.

Roles & Responsibilities

  • Build a comprehensive privacy program that defines, develops, maintains, and implements policies and procedures that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality of PHI and PII.

  • Oversea, develop and deliver initial and ongoing privacy training to the workforce.

  • Manage all required breach determination and notification processes under HIPAA and applicable state breach rules and requirements.

  • Serve as information privacy resource to CalVet regarding release of information for all privacy related issues.

  • Partner with Human Resources, the ISO, and Legal Division to ensure consistent sanctions for privacy violations.



    • Privacy Act of 1974 – (5 U.S.C. ), establishes a code of fair information practice that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies.

    • Health Information Portability and Accountability Act of 1996 (HIPAA) – (45 CFR Part 160 and Part 164) requires the Secretary of HHS to publicize standards for the electronic exchange, privacy and security of health information.


    • Information Practices Act of 1977 – (California Civil Code §§ 1798-1798.78), state law that expands upon the constitutional guarantee of privacy by providing limits on the collection, management and dissemination of personal information by state agencies.

    • California Financial Information Privacy Act – (California Financial Code §§4050-4060), state law that requires financial institutions to provide their consumers notice and meaningful choice about how consumers' nonpublic personal information is shared or sold by their financial institutions.

    • Confidentiality of Medical Information Act – (California Civil Code §§ 56-56.37), state law that adds to the federal protection of personal medical records under the Health Information Portability and Accountability Act (HIPAA).

 HIPAA Program                                                 

Content Page General

Privacy / HIPAA