Skip Navigation

Defense Health Agency

"On October 1, 2013, the Department of Defense established the Defense Health Agency (DHA) to manage the activities of the Military Health System. These activities include those previously managed by TRICARE Management Activity (TMA), which was disestablished on the same date. During the next several months, all TMA websites will change to reflect the new DHA. We appreciate your patience during this transition."

TMA Privacy and Civil Liberties Office

Mission Statement

Protect and support individual privacy and information through developing and maintaining compliance programs in accordance with federal laws, DoD regulations, and other applicable guidance.

What We Do

The TRICARE Management Activity (TMA) Privacy and Civil Liberties Office (Privacy Office) oversees the protection of personally identifiable information (PII)/protected health information (PHI) within the Military Health System (MHS), one of the largest integrated health care delivery systems in the United States, serving over 9.5 million eligible beneficiaries.

The Privacy Office supports MHS compliance with federal privacy and security laws, and Department of Defense (DoD) regulations and guidelines. Each functional area within the Privacy Office facilitates this mission by:

  • Ensuring that DoD Health Affairs (HA) and TMA policies and business practices comply with federal laws, DoD regulations, and guidelines governing the privacy and security of PII/PHI, and in the development and revision of TMA privacy-related plans, policies, and procedures
  • Managing and evaluating potential risks and threats to the privacy and security of MHS health data by performing critical reviews through:
    - Evaluation of privacy and security safeguards, including conducting annual Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Risk Assessments
    - Performance of Internal Privacy Office Compliance Assessments
    - Establishment of organizational performance metrics to identify and measure potential compliance risks
  • Engaging TMA stakeholders, including employees and contractors, by developing and delivering education and awareness materials and ongoing workforce privacy and HIPAA security training

The Privacy Office also provides dedicated assistance to the TMA Deputy Director and the Office of the Assistant Secretary of Defense (OASD) in responding to inquiries from Congress, the Office of Management and Budget (OMB), the Departments of Health and Human Services (HHS), and Veterans Affairs (VA), as well as other federal agencies and DoD components, on matters related to privacy and security.