Sign In
Skip to content
Help us improve our website by providing your valuable feedback

Quick Links

Chief Information Security Officer
Josh Garcia


Department Security Office

The Department Security Office, managed by the DOH Chief Security Officer, is responsible for establishing, implementing, monitoring, and improving the DHSS Information Security Management System (ISMS). Specific responsibilities include:
  • Developing, coordinating the approval of, and communicating information security policies and implementing standards and procedures in support of those policies;

  • Coordinating risk assessment activities for the ISMS;

  • Coordinating training and awareness activities for the ISMS;

  • Planning and implementing controls, evaluating and recommending the selection of solutions, and participating in the development of the information technology strategies of DOH to ensure consistency with DOH information security policies;

  • Coordinating the activities of the DOH incident response team (IRT) and coordinating DOH IRT participation with the State Security Office, State IRT, forensic team, and law enforcement;

  • Coordinating and supporting security-related activities of DOH Network Services, Business Applications, and Customer Services staff, and security system liaisons;

  • Presenting information security issues, policy changes and exceptions, and recommendations to department management regarding their information security responsibilities;

  • Monitoring information security, performing audits of operation of the ISMS, and reporting on the state of information security to DOH management; and

  • Coordinating improvements to the DOH ISMS based on the results of management reviews, audits, and incident response analysis.

If you have an information security or compliance questions/concerns relevant to the Department of Health, please contact the Department Security Office at