My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Agenda Packet_2022-03-15
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2022
>
03/15/2022 Regular
>
Agenda Packet_2022-03-15
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
3/14/2022 12:29:18 PM
Creation date
3/14/2022 12:19:52 PM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Date
3/15/2022
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
437
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
1. Immediately upon identifying any suspected privacy or security incidents, breaches, <br />intrusion or unauthorized access, use, or disclosure of PII, the SSA employee will <br />immediately notify their Regional/Program Manager/Admin Management Team, with a <br />CC to their immediate Supervisor. <br />2. The Regional/Program Manager, upon receiving information about the privacy or <br />security incident, will immediately submit a Privacy Incident Report (PIR) to the Quality <br />Support Team (QST)/Custodian of Records (COR) at <br />SSAcustodianofrecordsinbox@SSA.ocgov.com with a CC to their Deputy Division <br />Director, via a secure email message with the subject line "Initial PIR [secure]". Each <br />section of the PIR will be completed with as much information as available at the time of <br />drafting. No PII should be included in the PIR. <br />3. Upon receipt of the PIR, the Quality Support Team will collaborate with the <br />Regional/Program Manager to further identify any details necessary to better assess the <br />incident. <br />4. Upon gathering this information, the Quality Support Team will then connect with the <br />County Privacy Officer to identify next steps. <br />5. As determined to be required, the QST/COR shall advise the identified program point <br />of contact ("Action Officer") to update the PIR to include any additional information <br />required. a. If the incident meets any of the criteria noted in the County Significant <br />Incident/ Claim Reporting Protocol, QST/COR shall draft a report containing the <br />basic/concise facts and submit to the Chief Deputy Director with the PIR attached for <br />review and submission to IncidentReport@ocgov.com. <br />6. QST/COR will serve as the Agency's point of contact for the County Privacy Officer <br />and will communicate all applicable steps identified by the County Privacy Officer to the <br />Action Officer. <br />a. The Action Officer will be responsible for coordinating all applicable activities <br />required to notify and rectify the privacy/security issue that was identified. <br />i. Action Officers will be assigned and will vary depending on the <br />program. <br />ii. Depending on the type of issue, the References Section provided below <br />will provide more information on what actions are necessary to rectify the <br />situation. Loss of Medi-Cal PII involves different steps than a loss of PII <br />for other programs. <br />b. The Action Officer shall oversee the completion of the investigation of the <br />privacy or security incident. <br />WQM0522 Page 4 of 6 March 1, 2022 <br />City Council 20 — 78 3/15/2022 <br />
The URL can be used to link to this page
Your browser does not support the video tag.