Laws and Regulations


The following outside sources provide specific legal or regulatory requirements regarding security, privacy, the collection of personal information:

Penal Code

  • Penal Code Section 502
    Describes the protection afforded to individuals, businesses, and governmental agencies regarding the tampering, interference, damage, and unauthorized access to lawfully created computer data and computer systems.

Civil Codes

Government Codes

  • Government Code 6250-6270.5
    California Public Records Act - Defines the requirements for releasing information.
  • Government Code 8314
    Prohibits the use of public resources for campaign activity, personal use, or private gain. Effective January 2008, Section 8314.5 (a) prohibits state employees and contractors from accessing obscene matter.
  • Government Code 11019.9
    Requires agencies to enact and maintain a permanent privacy policy.
  • Government Code 11549
    Established the Office of Information Security with the responsibility and authority for promoting and protecting consumer privacy, and issuing information security (confidentiality, integrity, and availability) and privacy policies, and requires all state agencies to comply with such policies.

Health and Safety Code

Privacy Law Sources

  • COPP Privacy Law Resource
    A California Office of Privacy Protection (COPP) webpage with links to some of the major privacy protection laws at the State and federal level.
  • DHCS Privacy Law Resource
    A California Department of Health Care Services (DHCS) webpage with information about and links to some of the major medical privacy protection laws at the State and federal level.

Other Sources

  • MS-ISAC Legislative Resources
    A Multi-State Information Sharing and Analysis Center (MS-ISAC) library for federal and state legislative information.

The California Office of Information Security (Office) web site contains links to other sites that are not owned or controlled by us. The information provided at these sites does not reflect the views of this Office or indicate an endorsement of a particular company or product. Please be aware that our Office is not responsible for the security and privacy practices of such other sites.


Last Updated: Friday, November 18, 2016