Skip Navigation LinksHIPAA-and-Your-Privacy-Rights

Privacy Office

HIPAA & Your Privacy Rights at CDPH

What is HIPAA?

HIPAA is an acronym for the Health Insurance Portability and Accountability Act that was signed into law in 1996. The HIPAA Privacy Rule establishes national standards to protect individuals' medical records and other personal health information.

 Statement of CDPH HIPAA Covered Entity Status

CDPH is a "hybrid entity" under HIPAA. As a hybrid entity under HIPAA, CDPH as a whole is considered a covered entity whose business activities include both HIPAA covered and non-covered functions.

CDPH HIPAA Covered Healthcare Components 

CDPH has designated certain programs as HIPAA covered health care components. All other CDPH programs have been determined by CDPH to be non-HIPAA-covered components of the Department.

Notices of Privacy Practices 

A Notice of Privacy Practices is a document that informs an individual of the uses and disclosures of personal information that may be made by the Department's programs that are covered health care components under HIPAA,  and of the individual's rights and the covered program's legal duties with respect to personal information.

Your Privacy Rights & Forms

Federal and state laws require that individuals (or their personal representative) be provided certain rights regarding their personal information generated and maintained by the California Department of Public Health or the Department's business associate. Any personal information requests shall be made in writing using the appropriate forms.

ā€‹ā€‹
Page Last Updated :