Data Security and Confidentiality for TB, HIV, STD and Viral Hepatitis Programs
The DPH Data Security and Confidentiality Policy and Procedures for the TB, HIV, STD, and Viral Hepatitis Section describe policies and standard procedures used to safeguard the confidentiality of public health surveillance information. This policy is reviewed and updated annually or as needed by the Data Security Managers in response to changing technology, personnel, and/or CDC standards.
Program-specific guidelines are labeled (e.g., HIV is not reportable to local health departments). Components that are not specifically labeled apply to all program areas.
This policy is intended to be in compliance with the CDC Data Security and Confidentiality Guidelines: Data Security and Confidentiality Guidelines for HIV, Viral Hepatitis, Sexually Transmitted Disease, and Tuberculosis Programs: Standards to Facilitate Sharing and Use of Surveillance Data for Public Health Action, U.S. Department of Health and Human Services, Centers for Disease Control and Prevention.
This policy is considered the minimum standard. There may be scenarios not covered within the policy where staff, supervisors and/or Program Coordinators will need review security and confidentiality of personally identifying information (PII) and/or protected health information (PHI) and may need to apply more stringent standards.
Annually and as needed, staff with access to PII/PHI receives confidentiality training in accordance with these policies and procedures. Training is conducted by appropriate staff as determined by the Overall Responsible Party (ORP).
The following documents have been updated for 2020:
For additional information about Data Security and Confidentiality, please contact the appropriate Program or Office for assistance.
HIV/HCV and CDC Compliance: (860) 509-7900
TB/STD and DPH Compliance: (860) 509-7920
DPH Information Technology: (860) 509-7777
DPH Legal Office: (860) 509-7600
DPH Communications Office: (860) 509-7270