Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
DHS shares privacy expertise in new handbook
Tuesday - 7/6/2010, 6:46pm EDT
Federal News Radio
Agencies now can have a look at the way the Department of Homeland Security does privacy.
DHS says the document "not only describes the wide-ranging activities of the [Privacy] Office, but also explains how the office works to build a privacy culture at DHS."
DHS says it hopes the guide will help others understand its privacy program, which it describes as "one of the leading . . . programs within the federal government."
The Chief Information Officer's Council published DHS's privacy handbook last week on its site in an effort to share it with a broader community.
The guidebook outlines the numerous strategies DHS employs to minimize its impacts on citizens' privacy, such as frequent certifications to ensure that all personally identifiable information (PII) is secure and "accurate, relevant, timely, complete and reduced to the minimum necessary."
"Privacy and information security are closely linked, and strong practices in one area typically support the other," the document states.
The department's efforts also include mandatory trainings on privacy for all employees and contractors. DHS has also made multiple additional training sessions available to instill workers with what they call a "culture of privacy."
In addition to privacy protection policies, the guidebook also spells out the department's response to complaints of privacy breaches. DHS has a dedicated Complaint Tracking System (CTS) that documents "the name of the complainant, type of complaint, and other pertinent data" for each individual grievance. Complaints are then categorized, reviewed and acted upon when necessary.
The tracking systems is completely self-contained and accessible only by DHS's Privacy Office, according to DHS's Privacy Impact Assessment of the system. The PIA states that access to the system must go through an approved encryption scheme, and remote access is strictly-monitored.
"Privacy considerations are woven directly into business processes throughout the department," DHS says. This ensures that "privacy is integrated into decision making from the very beginning."
Rachel Stevens is an intern with Federal News Radio.
(Copyright 2010 by FederalNewsRadio.com. All Rights Reserved.)