Laws and Regulations
The following outside sources provide specific legal or regulatory requirements regarding security, privacy, and the collection of personal information:
- Penal Code Section 502
Describes the protection afforded to individuals, businesses, and governmental agencies regarding the tampering, interference, damage, and unauthorized access to lawfully created computer data and computer systems.
- California Civil Code Section 56
Requires health care providers to reasonably safeguard confidential medical information and allows administrative fines for violations.
- California Civil Code Sections 1798 – 1798.78 - Information Practices Act of 1977
These widely accepted Fair Information Practice Principles are the basis for many privacy laws in the United States, Canada, Europe and other parts of the world.
- California Civil Code Sections 1798.24(t)
Release of personal information for scientific research. Additional information can be found on the Committee for the Protection of Human Subjects' Web site.
- California Civil Code Sections 1798.80 – 1798.84
Provides requirements for protecting an individual's personal information and the destruction of that information.
- California Civil Code Sections 1798.85 and 1798.86
Provides requirements for posting, publishing or otherwise general use of social security numbers (Social Security Confidentiality Act).
- Government Code 6250-6270.5
California Public Records Act - Defines the requirements for releasing information.
- Government Code 8314
Prohibits the use of public resources for campaign activity, personal use, or private gain. Effective January 2008, Section 8314.5 (a) prohibits state employees and contractors from accessing obscene matter.
- Government Code 11019.9
- Government Code 11549
Established the Office of Information Security with the responsibility and authority for promoting and protecting consumer privacy, and issuing information security (confidentiality, integrity, and availability) and privacy policies, and requires all state agencies to comply with such policies.
- Health and Safety Code Section 1280
Imposes reporting requirements and administrative penalties for unauthorized disclosure of patient medical information.
- Health and Safety Code Section 130200
Creates the Office of Health Information Integrity within the Health and Human Services Agency.
- COPP Privacy Law Resource
A California Office of Privacy Protection (COPP) webpage with links to some of the major privacy protection laws at the State and federal level.
- DHCS Privacy Law Resource
A California Department of Health Care Services (DHCS) webpage with information about and links to some of the major medical privacy protection laws at the State and federal level.
- MS-ISAC Legislative Resources
A Multi-State Information Sharing and Analysis Center (MS-ISAC) library for federal and state legislative information.
The California Office of Information Security (Office) web site contains links to other sites that are not owned or controlled by us. The information provided at these sites does not reflect the views of this Office or indicate an endorsement of a particular company or product. Please be aware that our Office is not responsible for the security and privacy practices of such other sites.