Our Mission
Ensure vigilance in the protection of privacy information and promote compliance across the organization.
What We Do
We enforce compliance with Federal statute and DOD privacy and civil liberties related regulation and policy throughout the MHS. This includes managing and evaluating potential risks and threats to the privacy and security of MHS health data by performing critical reviews and conducting:
- Evaluation of privacy and security safeguards, including conducting annual HIPAA Security Risk Assessments
- Performance of Internal Privacy Office Compliance Assessments
- Establishment of organizational performance metrics to identify and measure potential compliance risks
- Consultation for leadership and the workforce on areas of DHA-level oversight
In addition, we have specific responsibility for various DHA-level areas. We support HIPAA development to comply with Federal laws, DOD regulations, and guidelines governing the privacy and security of PII/PHI, as well as the development and revision of DHA privacy-related plans, policies, and procedures. Key elements include:
- Breach Prevention and Response
- Civil Liberties Compliance
- Data Sharing Agreements
- HIPAA and Privacy Act Training
- HIPAA Compliance within the MHS
- Privacy Act at DHA
- Privacy Board
- Privacy Compliance
- Research Compliance with HIPAA Privacy Rule
- Risk Assessment
The DHA PCLO also engages DHA stakeholders, including employees and contractors, by developing and delivering education and awareness materials and ongoing workforce privacy and HIPAA security training.