CDSS-ISO-5310.P001, Privacy Policy

California Department of Social Services
Privacy Policy Statement
Effective: June 2016 

The California Department of Social Services (CDSS) is committed to promoting and protecting the privacy rights of individuals as enumerated in Article 1 of the California Constitution, the Information Practices Act of 1977, and other state and federal laws.
It is the policy of CDSS to safeguard the privacy of personal information collected or maintained by the Department.

CDSS’ information management practices are governed by the requirements of the following authorities and all other laws pertaining to information privacy:

  • Government Code section 11015.5
  • Health and Safety Code section 1500 et seq.
  • Information Practices Act - Civil Code section 1798 et seq.
  • Public Records Act - Government Code section 6250 et seq.
  • Safeguarding Information for the Financial Assistance Programs - 45 CFR section 205.50
  • Statewide Administrative Manual (SAM) section Privacy 5310 et seq.
  • Statewide Information Management Manual (SIMM) 5310 - A & B.
  • Welfare and Institutions Code section 10850

CDSS follows these principles in collecting and managing personal information:

  • CDSS collects personal information on individuals only as allowed by law to administer programs serving California's most vulnerable residents. Any subsequent use of the information shall be limited to and consistent with the fulfillment of those purposes; and/or to make disclosures as required or authorized by law.

    Personal information, as defined in the Information Practices Act, is information that identifies or describes an individual including, but not limited to, name, Social Security number, physical descriptions, home address, home telephone number, education, financial matters, medical or employment history, e-mail address or Internet Protocol (IP) address.
  • CDSS only collects personal information that is necessary and appropriate for the type of services requested. When filling out an online form or survey, CDSS strives to tell people who are asked to provide information about the general uses of the information by CDSS.
  • CDSS collects personal information directly from individuals who use one or more of the CDSS web sites to obtain services. Collection of this information is required to deliver the specific services, but use of these services is voluntary.
  • CDSS does not disclose personal information. Personal information may not be disclosed, made available, or otherwise used for a purpose other than those specified, except with the consent of the subject of the personal information, or as prescribed by law or regulation.
  • CDSS tells people who provide personal information about their right to review that information. Individuals who provide personal information to CDSS have the right to review the information for accuracy and completeness and to request corrections or deletions. For personal information access requests send an email to CDSS’ Public Inquiry and Response Unit and/or call (916) 651-8848 who will then direct you to your program representative.
  • CDSS protects personal information. The Department takes precautions and security measures to protect the personal information collected or maintained by CDSS against loss, unauthorized access, use, modification or disclosure.
  • CDSS collects electronic information from people who visit our Internet website. If an individual simply browses our Internet website, CDSS automatically collects the domain name or Internet Protocol address that relates to the machine used to access the CDSS website, the type of browser and operating system used, the date and time when the website is visited, web pages displayed, and any forms that are uploaded. We do not collect home, business or e-mail addresses, or account information from persons who simply browse our Internet website. CDSS collects personal information about individuals through our website only if an individual provides such information to the Department voluntarily through forms or surveys. Electronically collected personal information is exempt from requests made under the Public Records Act.
  • CDSS uses Google Analytics to help understand how visitors interact with the CDSS websites to improve each website. You can read Google’s security and privacy policies for Google Analytics. You can choose not to have your data used by Google Analytics by downloading their opt-out browser add-on . Selecting to opt out will not interfere with your ability to use the web site.
  • CDSS will provide additional information on our privacy policy if requested. If you have further questions, comments, or complaints about our privacy policy or policy compliance you may contact:

CDSS Information Security & Privacy Officer
744 P Street
MS 9-9-61
Sacramento, CA 95814

For more general information about online privacy and security, please see the California Department of Justice’s Online Privacy page .

Other Information Security and Privacy websites

The California Department of Social Services (CDSS) works with its partners in Local, State, and Federal government to protect the confidentiality of information it receives.The following websites provide additional information on the policies and principles of information security and privacy protection.

State of California:

  1. State of California Information Security & Privacy Policies – provides information on the security and privacy policies published by the State Information Security Office.
  2. Office of the Attorney General Privacy Portal – provides information on privacy protection for citizens.
  3. California Office of HIPPA Implementation – provides guidance to state departments on protecting health information as set forth in the Health Insurance Portability and Accountability Act (HIPPA).
  4. Committee for the Protection of Human Subjects (CPHS) – is the review board that assures research involving human subjects is conducted ethically and with a minimum risk to participants.
  5. Security Awareness – contains consumer information on general security awareness provided by the Office of the Attorney General.

Federal Information:

  1. Rules and Policies – Protecting PII – Privacy Act – The webpage is intended to inform the public of GSA's privacy policies and practices.
  2. Computer Crime and Intellectual Property - The Computer Crime and Intellectual Property Section (CCIPS) is responsible for implementing national strategies in combating computer and intellectual property crimes worldwide.
*CDSS is presenting these references without necessarily endorsing their content, as possible sources of information about information security and privacy topics, etc.The State of California cannot guarantee the accuracy of any information presented in the references.The information as a cited reference may not represent the policy of the State of California on the subject matter of the reference.