Loading...

Attention A T users. To access the menus on this page please perform the following steps. 1. Please switch auto forms mode to off. 2. Hit enter to expand a main menu option (Health, Benefits, etc). 3. To enter and activate the submenu links, hit the down arrow. You will now be able to tab or arrow up or down through the submenu options to access/activate the submenu links.

Privacy Service

Menu
 

Privacy Principles

The Principle of Openness

When VA collects personal data from an individual, VA will inform him or her of the intended uses of the data, the disclosures that will be made, the authorities for the data’s collection, and whether the collection is mandatory or voluntary. VA will collect no data subject to the Privacy Act unless a Privacy Act System of Records Notice has been published in the Federal Register and posted on the VA Systems of Records website.

The Principle of Individual Participation

Unless VA has claimed an exemption from the Privacy Act, everyone will be granted access to his or her records, upon request, provided a list of disclosures made outside VA and provided the opportunity to make corrections to his or her file if errors are identified.

The Principle of Limited Collection

VA will collect only those personal data elements required to fulfill an official function or mission. Those collections will be conducted by lawful and fair means.

The Principle of Limited Retention

VA will retain personal information only for as long as necessary to fulfill the purposes for which it is collected. Records will be destroyed in accordance with established VA records management principles.

The Principle of Data Quality

VA will make every effort to maintain accurate, relevant, timely and complete data about individuals.

The Principle of Limited Internal Use

VA will use personal data for lawful purposes only. Access to any personal data will be limited to those individuals within VA with an official need for the data.

The Principle of Disclosure

VA personnel will guard all personal data to ensure that all disclosures are made with written permission or in strict accordance with privacy laws.

The Principle of Security

All personal data shall be protected by safeguards appropriate to ensure security and confidentiality. Electronic systems will be periodically reviewed for compliance with the security principles of the Privacy Act, the Computer Security Act, Heath Insurance Portability and Accountability Act (HIPAA), and related statutes. Electronic collection of information will only be conducted in a safe and secure manner.

The Principle of Accountability

VA, its employees and contractors are subject to civil and criminal penalties for certain breaches of privacy. VA shall be diligent in sanctioning individuals who violate privacy rules.

The Principle of Challenging Compliance

An individual may challenge VA if he or she believes that VA has failed to comply with these principles, privacy laws, or the rules in a system of records notice. Challenges may be addressed to the VA Privacy Service.