CDSS-ISPO-5310.1-P001, Privacy Statement

California Department of Social Services

Privacy Statement

Effective: June 2016
Revised: May 2026
Last Revision: June 2026

The California Department of Social Services (CDSS or Department) is committed to promoting and protecting the privacy rights of individuals as enumerated in Article 1 of the California Constitution, the Information Practices Act of 1977, and other state and federal laws.

It is the policy of CDSS to safeguard the privacy of personal information collected or maintained by the Department.

CDSS' information management practices are governed by the requirements of the following authorities and all other laws pertaining to information privacy:

• Government Code Section 11015.5
• Health and Safety Code Section 1500 et seq.
• Information Practices Act - Civil Code Section 1798 et seq.
• California Public Records Act (California Government Code Sections 7920.000, et seq.)
• Safeguarding Information for the Financial Assistance Programs - 45 CFR Section 205.50
• Statewide Administrative Manual (SAM) Section Privacy 5310 et seq.
• Statewide Information Management Manual (SIMM) 5310 - A & B.
• Welfare and Institutions Code Section 10850 et seq.

Collection and Use of Personal Information

CDSS follows these principles in collecting and managing personal information:

• CDSS collects personal information on individuals only as allowed by law to administer programs serving people across the state. Any subsequent use of the information shall be limited to and consistent with the fulfillment of those purposes and/or to make disclosures as required or authorized by law.
• Personal information, as defined in the Information Practices Act, is information that identifies or describes an individual, including, but not limited to name, social security number, physical description, home address, home telephone number, education, financial matters, and medical or employment history.
• CDSS only collects personal information that is necessary and appropriate for the type of services requested. Each form that collects privacy information will include, on or with the form, a Privacy Notice on Collection enumerating the specific purposes for which personal information is collected.
• Personal information will not be disclosed, made available, or otherwise used for purposes other than those specified in the Privacy Notice on Collection, except with the consent of the subject of the information, or as authorized by law or regulation.
• CDSS collects personal information directly from individuals who use one or more of the CDSS web sites to obtain services. Collection of this information is required to deliver specific services; however, use of the services is voluntary.

Protection of Personal Information

CDSS employs reasonable security measures to protect personal information from loss, unauthorized access, use, modification, or disclosure. These measures include but are not limited to:

• Data encryption for storage and transmission.
• Role-based access controls to limit access to authorized personnel only.
• Regular security audits and vulnerability assessments.
• Compliance with state and federal data protection regulations.
• Employee training on data privacy and security best practices.

CDSS will not commercially distribute or sell any collected personal information about users to any third party without the user's written consent.

Individual Rights to Access and Correction

For personal information access requests, send an email to CDSS' Public Inquiry and Response (PIAR) Unit at piar@dss.ca.gov and/or call (916) 651-8848. PIAR will direct you to the program representative who can help with your request.

Collection of Electronic Personal Information

CDSS collects electronic information from people who visit our Internet website. When you visit a CDSS website, site usage data is collected using JavaScript and cookies for the purpose of enhancing user experience. The JavaScript will not continue to run once you leave or close the website in your browser, and you can remove the cookies using tools in your browser. Cookies may be session cookies, which expire when the browser session ends, or persistent cookies, which remain on the user's device until they expire or are deleted by the user. Google Analytics cookies or similar analytics identifiers remain for the period configured by CDSS or Google Analytics unless deleted earlier by the user through browser settings or other available opt-out tools. Some of the site usage data collected includes:

• The domain name or Internet Protocol address of the device used to access the CDSS website.
• The type of browser and operating system used.
• The date and time the website was visited.
• Web pages displayed, page elements clicked, and forms interacted with.

We do not collect home, business, or email addresses, or account information from persons who simply browse our Internet website. CDSS collects personal information about individuals through our website only if an individual provides such information to the Department voluntarily through forms or surveys. You have the right to request deletion of any electronically collected personal information maintained by CDSS, without further use or distribution.

For more information on cookies and how to remove them, visit: USA.gov Opt-Out Instructions

Public Records and Data Usage

• Electronically collected personal information is exempt from requests made under the Public Records Act.
• CDSS uses Google Analytics to help understand how visitors interact with the CDSS websites to improve each website. You can read Google's security and privacy policies for Google Analytics. You can choose not to have your data used by Google Analytics by downloading their opt-out browser add-on. Selecting to opt out will not interfere with your ability to use the CDSS website or obtain services.

Contact Information

For questions, comments, complaints, or requests related to this Privacy Policy, or if you would like to have any electronically collected personal information deleted please contact:

CDSS Information Security & Privacy Officer
744 P Street, MS 9-10-70
Sacramento, CA 95814
Email: ISO@dss.ca.gov
Phone: (916) 651-8848

For more general information about online privacy and security, please see the California Department of Justice's Online Privacy Page.