Mission Statement
Ensure vigilance in the protection of privacy information and promote compliance across the organization.
What We Do
The Defense Health Agency (DHA) Privacy and Civil Liberties Office (Privacy Office) oversees the protection of personally identifiable information (PII)/protected health information (PHI) within the Military Health System (MHS), one of the largest integrated health care delivery systems in the United States, serving more than 9.4 million eligible beneficiaries.
We support MHS compliance with Federal privacy and security laws, and Department of Defense (DoD) regulations and guidance. This includes managing and evaluating potential risks and threats to the privacy and security of MHS health data by performing critical reviews through:
- Evaluation of privacy and security safeguards, including conducting annual Health Insurance Portability and Accountability Act (HIPAA) of 1996 Security Risk Assessments
- Performance of Internal Privacy Office Compliance Assessments
- Establishment of organizational performance metrics to identify and measure potential compliance risks
- Consultation for leadership and the workforce on areas of DHA-level oversight
In addition, the DHA Privacy Office has specific responsibility for various DHA-level areas. We support HIPAA development to comply with Federal laws, DoD regulations, and guidelines governing the privacy and security of PII/PHI, as well as the development and revision of DHA privacy-related plans, policies, and procedures. Key elements include:
- HIPAA Privacy and Security
- Privacy Act of 1974
- Freedom of Information Act (FOIA)
- Data Sharing Compliance
- Human Research Protection
- Training for the Workforce
- Upholding Civil Liberties
The DHA Privacy Office also engages DHA stakeholders, including employees and contractors, by developing and delivering education and awareness materials and ongoing workforce privacy and HIPAA security training.
Learn about DHA Privacy and Civil Liberties programs.