Dept. of Industrial Relations logo
Department of Industrial Relations (DIR) Department of Industrial Relations

DATA COLLECTION AND USE POLICY *

Who is the California Department of Industrial Relations?

The Department of Industrial Relations is the umbrella entity for the following divisions:

To learn more about the work of a division, click on its name above.

The Department Collects Information

Each division within the Department collects, uses and distributes different types of information in order to perform its public mandate. A division may use personal, confidential and/or proprietary information:

  • As defined by California Information Practices Act (see link below), personal information is information maintained by an agency that describes an individual. It includes an individual’s name, address, date of birth, Social Security number, wages, and medical condition. The type of personal information used and collected by the Department varies by division. For example, the Division of Workers’ Compensation collects information regarding the nature of an injured worker’s workplace injury, while the Division of Apprenticeship Standards collects an individual’s name and his apprenticeship certification status.
  • Much of the information collected by public agencies in California, including the Department, must be made available to the public under California’s Public Records Act (see link below). Certain information collected and used by the Department, however, has been designated “confidential” pursuant to state or federal law. Confidential information is not disclosed to the public or made available for the public’s inspection unless such disclosure is compelled by a court order.  California’s Public Records Act outlines categories of confidential information, and provides a list of specific documents exempt from disclosure and inspection requirements.
  • Proprietary information is information owned by a private party that describes or identifies a unique business process or method. An example of proprietary information used by the Department is the elevator design specifications collected, reviewed and maintained by the Division of Occupational Safety and Health when it reviews an elevator operating permit.

Whether and how a division may use, share or disclose a particular kind of information is determined by a matrix of federal and state laws and regulations. The Department of Industrial Relations and each of its divisions must comply with all applicable laws and regulations.

To illustrate, many of those laws require the Department to safeguard personal information.  The Department of Industrial Relations does not sell the personal information it collects to any other party. Also, the Department may not publicly display Social Security numbers. Other laws, however, require the Department to either share or disclose personal information. For example, the Department must disclose certain information related to business license applicants.  

Also, once a matter on which the Department has collected information becomes the subject of a public proceeding (such as the adjudication of a workers’ compensation claim), the information becomes available to the public.

The Department’s Policy on Data Collection and Protection

In addition to complying with applicable data protection laws and regulations, the Department has developed the following practices:

  • The Department does not collect personal information from users of its websites. The Department does not use cookies or other electronic tools to identify users, or to track or monitor the online behavior of specific visitors to its website. The Department does utilize Google Analytics, however, to capture information about the number of users to its website for purposes of understanding how people use the website, determining what pages are most and least visited, and identifying technical problems with the website. The Department does not sell or share Google Analytics’ data about its website. Please refer to Google’s website, www.google.com, for information about Google Analytics and  Google’s practice of collecting IP addresses (the unique address of the computer you use to visit the Department’s website). You can prevent Google Analytics from capturing information about your use of the web, including your use of the Department’s website, by following the instructions provided at http://www.google.com/intl/en/analytics/privacyoverview.html.  Last, please note that while the Department maintains a server log to track information about website usage not gathered by Google Analytics, such information does not include personal information as defined under Government Code Sec. 11015.5 or the Information Practices Act (Civil Code Sec. 1798 et seq.). 
  • The Department does not sell or share email addresses of members of the public who contact the Department through public (electronic) mailboxes. When public questions or comments are part of the State’s rulemaking process, however, the Department is required by law to maintain records of those communications. Questions or comments that are part of the rulemaking process become part of the public record, and may be reviewed by anyone upon request.
  • The Department safeguards information through employee training and discipline.  All Department employees must take privacy and data protection training upon hiring, and annually thereafter.  Certain employees may be required to sign confidentiality statements in order to have access to, or use, personal, confidential or proprietary information provided to the Department by another agency. Last, the Department recognizes any breach of confidentiality or data protection obligations by an employee as grounds for discipline, up to and including termination.
  • The Department minimizes risks to personal, confidential and proprietary information through a combination of workplace guidelines and technology. The Department regularly reviews both guidelines and technological resources to ensure that it is taking reasonable and appropriate measures to provide the most protection possible.  
  • The Department collects the minimum amount of personal information necessary to accomplish its mandate. The best way to protect against the misuse, or loss of personal information is to not collect it in the first place. In 2010, the Department began a review all data collection practices in an effort to limit the kinds of personal information it collects. That review continues. In addition, the Department is reviewing all data-sharing agreements to ensure that no personal information is shared or distributed without proper authority.

Learn More

The Department encourages you to learn more about the laws governing the use and disclosure of personal, confidential and proprietary information. California’s Office of Privacy Protection website at www.privacy.ca.gov has a number of resources. You will find links to the text of several privacy and data protection laws by clicking on the “Privacy Laws” tab at the top of the Office’s homepage. Most of these laws pertain only to businesses. California’s Information Practices Act of 1977 and Public Records Act are two of the most significant data collection and protection laws governing public agencies, including the Department and its divisions. Click on the following for links to the text of those laws:

Contact the Department  

If you have questions regarding the Department’s collection, use and protection of personal, confidential and/or proprietary information, please contact the Department by sending an email to Privacy@DIR.ca.gov.

 

*This policy is effective November 1, 2011, and subject to revision.