PRIVACY - 5310
Introduction: Privacy can be understood as the rights of individuals, as defined by law, to control the collection and use of their personal information. This privacy policy is based generally on the Information Practices Act of 1977 (Civil Code section 1798, et seq.). In addition to its general application, the Information Practices Act of 1977 is broad in scope, drawing from the Fair Information Practice Principles (FIPPs), which form the basis for most privacy laws in the United States and around the world. The FIPPs help entities attain public trust and mitigate loss and risk stemming from privacy incidents.
Included among the principles are transparency, notice, and choice. Some state entities are also subject to additional state and federal privacy laws related to particular types of personal information.
Governing Authority: The following overarching privacy laws are applicable to state entities:
- Article 1, Section 1, of the Constitution of the State of California defines pursuing and obtaining privacy as an inalienable right.
- The Information Practices Act of 1977 (Civil Code section 1798, et seq.) places specific requirements on each state entity in the collection, use, maintenance, and dissemination of information relating to individuals.
- Government Code Section 11019.9 requires state agencies to enact and to maintain a privacy policy and to designate an employee to be responsible for the policy. The policy must describe the agency's practices for handling personal information, as further required in the Information Practices Act.
Policy: State entity heads shall direct the establishment of an entity-specific Privacy Program. The Privacy Program shall ensure, and privacy coordinators shall confirm, that the requirements contained in the California Information Practices Act, this policy and the associated standards are adhered to by the state entity and its personnel.
Implementation Controls: NIST SP 800-53: Personally Identifiable Information Processing and Transparency (PT)
Revisions
No Revisions for this item.