The Office of HIPAA Compliance (OHC) is the Department of Health
Care Services’ (DHCS) office responsible for implementing the regulations of
the Health Insurance Portability and Accountability Act (HIPAA) of 1996.
OHC is responsible for the project management, coordination and, in most
cases, performance of Department HIPAA compliance activities through
partnerships with DHCS program areas, Enterprise Innovation Technology Services
(EITS), and Medi-Cal fiscal intermediaries.
OHC’s Information Protection Unit (IPU) and the Office of Legal
Services’ Privacy Office work collaboratively with DHCS business associates,
counties, and other state agencies, with whom we establish
contractual relationships, to safeguard
Protected Health Information (PHI) and Personally Identifiable Information
(PII), and investigate privacy breaches and complaints involving unauthorized
access or disclosure of PHI, PII, and confidential information.
The IPU has
no authority to investigate reports of HIPAA breaches for individuals or
entities with whom we do not have an existing agreement.