Incident Management: How to Handle a Privacy Incident
Attend VA Privacy Service's Privacy In Action Speaker Series event on January 28, 2016, “Incident Management: How to Handle a Privacy Incident”. Registration opens soon on our Events page.
Health Care Data De-Identification and Clinical Research
Health data de-identification can give health care organizations an opportunity to present data for research purposes in a way that does not compromise patient privacy.
Protect yourself from Facebook “Dislike” Scam
Watch out for Facebook ads promoting a “dislike” button. Users who click the link are asked for personal information and forced to share the advertisement with their friends lists.
Apple's new policy website puts privacy in laymen's terms
Who We Are
VA Privacy Service is responsible for overseeing, directing and establishing the long and short-term goals for VA’s Enterprise Privacy Program. As the impact of privacy issues increase, Privacy Service identifies privacy needs and implements strategies to meet those needs. We advise senior officials concerning data management and the feasibility of the Department’s privacy priorities and implementation plans. We work to ensure compliance with Federal and VA-specific privacy requirements. Also, we ensure the attainment of Department-wide privacy objectives in the overall VA planning, programming, and budgeting process.
What We Do
Overseeing and directing VA’s privacy program activities including but not limited to conformance to the Health Insurance Portability and Accountability Act (HIPAA) and the Electronic Communications Privacy Act, COMSEC regulations, non-disclosure statutes, OMB guidance on computer cookies, OMB Circular A-130, Government Paperwork Elimination Act, user authentication, insider threat, and identity theft ...
The Principle of Openness
When VA collects personal data from an individual, VA will inform him or her of the intended uses of the data, the disclosures that will be made, the authorities for the data’s collection, and whether the collection is mandatory or voluntary. VA will collect no data subject to the Privacy Act unless a Privacy Act system notice has been published in the Federal Register and posted on the VA Systems of Records website