Data Security and Confidentiality for TB, HIV, STD and Viral Hepatitis Programs
The DPH Data Security and Confidentiality Policies and Procedures for TB, HIV, STD, and Viral Hepatitis Programs describe standard procedures used to safeguard public health surveillance data. This policy is reviewed and updated annually or as needed by the Data Security Managers in response to changing technology, personnel, and/or state and federal standards.
Program-specific guidelines are noted. Components not specifically labeled apply to all program areas with access to personally identifiable information (PII) and/or protected health information (PHI).
This policy is intended to be in compliance with the CDC Data Security and Confidentiality Guidelines: Data Security and Confidentiality Guidelines for HIV, Viral Hepatitis, Sexually Transmitted Disease, and Tuberculosis Programs: Standards to Facilitate Sharing and Use of Surveillance Data for Public Health Action, U.S. Department of Health and Human Services, Centers for Disease Control and Prevention.
These policies and procedures are considered minimum standard. There may be scenarios not covered within the document where staff, supervisors and/or managers will review security and confidentiality of PII and/or PHI and may elect to apply more stringent standards.
Annually and as needed, staff with access to PII/PHI receives confidentiality training in accordance with these policies and procedures. Training is conducted by appropriate staff as determined by the Overall Responsible Party (ORP).
The following documents have been updated for 2023:
Data Security and Confidentiality Appendices and Attachments
For additional information about Data Security and Confidentiality, please contact the appropriate Program or Office for assistance.
HIV/Viral Hepatitis and CDC Compliance: (860) 509-7900
TB/STD and DPH Compliance: (860) 509-7722
DPH Information Technology: (860) 509-7777
DPH Legal Office: (860) 509-7600
DPH Communications Office: (860) 509-7270