CWDS Privacy - Effective 8/1/2017
The California Health and Human Services Agency, Office of Systems Integration (OSI), Child Welfare Digital Services (CWDS) is committed to promoting and protecting the privacy rights of individuals, as enumerated in Article 1 of the California Constitution, the Information Practices Act of 1977, and other state and federal laws.
"Personal Information" is information about a natural person that identifies or describes an individual, including, but not limited to, his or her name, social security number, physical description, home address, home telephone number, education, financial matters, and medical or employment history, readily identifiable to that specific individual. A domain name or Internet protocol (“IP”) address is not considered personal information; however, it is considered "electronically collected personal information.
"Electronically collected personal information," as defined in California Government Code section 11015.5, means “any information that is maintained by an agency that identifies or describes an individual user, including, but not limited to, his or her name, social security number, physical description, home address, home telephone number, education, financial matters, medical or employment history, password, electronic mail address, and information that reveals any network location or identity, but excludes any information manually submitted to a state agency by a user, whether electronically or in written form, and information on or relating to individuals who are users, serving in a business capacity, including, but not limited to, business owners, officers, or principals of that business.
CWDS adheres to the following principles in connection with the collection and management of personal information:
1. CWDS collects personal information on individuals only as allowed by law. CWDS limits the collection of personal information to what is relevant and necessary to accomplish the lawful purposes of CWDS. For example, CWDS may need to know an individual's home address, e-mail address, or telephone number, in order to answer the individual's questions or in order to provide requested assistance.
2. CWDS endeavors to tell people who provide personal information to CWDS the purpose for which the information is collected. CWDS strives to tell persons, who are asked to provide personal information, about the general uses CWDS will make of that information. This is done at the time of collection. With each request for personal information, CWDS provides information on the authority under which the request is made, the principal uses CWDS intends to make of the information, and the possible disclosures CWDS is obligated to make to other government agencies and to the public.
3. CWDS uses personal information only as specified and consistent with those purposes; unless CWDS obtains the consent of the subject of the information, or as required or allowed by law. CWDS collects personal information directly from individuals who volunteer to use some of our services, including our internet/online services. Collection of this information is required to deliver the specific services, but use of these services is voluntary. If any type of personal information is requested on the website or volunteered by the user, state and federal law, including the California Information Practices Act of 1977, California Government Code Section 11015.5., and the federal Privacy Act of 1974, may protect it. However, this information may be a public record once it is provided to CWDS, and may be subject to public inspection and copying if not otherwise protected by federal or state law.
The Public Records Act exists to ensure that California government is open and that the public has a right to have access to appropriate records and information possessed by state and local government agencies. At the same time, there are exceptions to the public's right to access records. These exceptions serve various needs, including maintaining the privacy of individuals. In the event of a conflict between this Policy and any law governing the disclosure of records (such as the Public Records Act or the Information Practices Act), the applicable law will control.
A special note regarding electronically collected personal information:
- CWDS automatically collects certain electronic information from users who browse the CWDS internet website. The information that CWDS automatically collects when a user visits its website includes, but may not be limited to, the client IP address, the date and time when the website is visited, web pages displayed, and any forms that are uploaded. CWDS uses encrypted and unencrypted session cookies, text files stored temporarily on a visitor's computer by a web browser, to enable easy movement through the site. The information collected in this manner is not subject to requests made pursuant to the Public Records Act, and site visitors may request to have their information deleted without reuse or distribution by contacting us.
- More specifically, if nothing is done during a visit to the website but browsing or downloading information, CWDS automatically collects and stores the following information about the visit:
- The IP address and domain name used, but not the e-mail address. The IP address is a numerical identifier assigned either to the visitor’s Internet service provider or directly to the visitor’s computer. CWDS uses the IP address to direct Internet traffic to the visitor and generate statistics used in the management of the CWDS website;
- The type of browser and operating system used;
- The date and time the CWDS site is visited;
- The web pages or services accessed at the CWDS website;
- The website visited prior to coming to the CWDS website;
- The website visited as the visitor is leaving the CWDS website; and
- If a form is downloaded, the form that was downloaded.
The information CWDS automatically collects or stores is used to improve the content of CWDS web services and to help CWDS understand how people are using the CWDS services. This information does not identify a visitor personally and is used for gathering website statistics. The information CWDS automatically collects and stores in logs about visits to the CWDS website helps staff to analyze CWDS website to continually improve the value of the materials available. The CWDS website logs do not identify a visitor by personal information, and CWDS makes no attempt to link other websites with the individuals that browse the CWDS web site.
California Government Code section 11015.5 prohibits all state agencies from distributing or selling any electronically collected personal information, as defined above, about users to any third party without the permission of the user. CWDS does not sell any "electronically collected personal information." Any distribution of "electronically collected personal information" will be solely for the purposes for which it was provided to us.
CWDS may provide or distribute certain lists and statistical reports of regulatory information as provided by law, but no personal information is sold or distributed, and all relevant legal protections still apply to the state's websites.
- CWDS does not collect home, business or e-mail addresses, or account information from persons who simply browse the CWDS website. CWDS collects personal information about individuals through the CWDS website only if an individual provides such information to CWDS voluntarily through e-mail, registration forms, or surveys, for example. If a CWDS website visitor voluntarily participates in an activity that asks for specific information (i.e., completing a request for assistance, personalizing the content of the website, sending an e-mail, or participating in a survey), more detailed data will be collected. If a visitor chooses not to participate in these activities, that choice will in no way affect the visitor’s ability to use any other feature of the website.
- CWDS use of e-mail addresses. A CWDS website visitor may choose to provide CWDS with personal information, as in an e-mail with a comment or question. CWDS uses the information to improve service to website visitors or to respond to their requests. Sometimes CWDS will forward an e-mail to other state employees who may be better able to help, and those staff may be employed by a different agency within the state. Except for authorized law enforcement investigations or, as required by law, CWDS does not share e-mails with any other organizations. We use visitor e-mails to respond appropriately. This may be to respond to the sender, to address issues identified in the e-mail, to further improve the CWDS website, or to forward the e-mail to another agency for appropriate action.
Submission of an e-mail to CWDS, CWDS staff, and/or communication through the website, does not create any attorney-client or other privileged or confidential relationship. Accordingly, website visitors should not disclose any information to CWDS that they wish to remain private or confidential.
Cookies created on a visitor’s computer by using the CWDS website do not contain "personal information" and do not compromise the visitor’s privacy or security. CWDS uses the cookie feature only to store a randomly generated identifying temporary tag on a visitor’s computer. Visitors have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but web browser settings may be modified to decline cookies. If a visitor chooses to decline cookies, he or she may not be able to access some of the features in the CWDS interactive applications. If the visitor chooses to accept cookies, he or she also has the ability to later delete cookies that have been accepted. For example, in Internet Explorer 10 you can delete cookies by selecting “Tools,” “Safety,” “Delete browsing history,” “Cookies” and “Delete.” Each browser may provide a different way to delete cookies. If a visitor chooses to delete cookies, any settings and preferences controlled by those cookies will be deleted and may need to be recreated during the next access of the CWDS website.
4. CWDS uses information security safeguards. Reasonable precautions are taken to protect the personal information of individuals collected or maintained against loss, unauthorized access, and illegal use or disclosure. Secure Socket Layer (SSL) encryption software for CWDS Security Tool protects the security of each individual’s personal information during transmission through the CWDS website. Such personal information is stored by CWDS in secure locations. The CWDS staff is trained on procedures for the management of personal information, including limitations on the release of information. Access to personal information is limited to those members of the CWDS staff whose work requires such access. Confidential information is destroyed according to the CWDS records retention schedule. CWDS conducts periodic reviews to ensure that proper information management policies and procedures are understood and followed.
5. CWDS provides people who provide personal information with an opportunity to review that information. Individuals, who provide personal information, are allowed to review the information and contest its accuracy or completeness.