IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.
Cybersecurity

DHS Privacy Compliance Progressing but Challenged, According to GAO

Notifying and reporting data to public still untimely and slow.

July 27, 2010 • 
News Report
The DHS Privacy Office has made significant progress in carrying out its statutory responsibilities under the Homeland Security Act and its related role in ensuring compliance with the Privacy Act of 1974 and E-Government Act of 2002, but more work remains to be accomplished. Specifically, the Privacy Office has made significant progress by establishing a compliance framework for conducting PIAs, which are required by the E-Gov Act. The framework includes formal written guidance, training sessions, and a process for identifying affected systems. The framework has contributed to an increase in the quality and number of PIAs issued (see fig.) as well as the identification of many more affected systems. The resultant workload is likely to prove difficult to process in a timely manner. Designating privacy officers in certain DHS components could help speed processing of PIAs, but DHS has not yet taken action to make these designations. 

The Privacy Office has also taken actions to integrate privacy considerations into the DHS decision-making process by establishing an advisory committee, holding public workshops, and participating in policy development. However, limited progress has been made in updating public notices required by the Privacy Act for systems of records that were in existence prior to the creation of DHS. These notices should identify, among other things, the type of data collected, the types of individuals about whom information is collected, and the intended uses of the data. Until the notices are brought up-to-date, the department cannot assure the public that the notices reflect current uses and protections of personal information.

Further, the Privacy Office has generally not been timely in issuing public reports. For example, a report on the Multi-state Anti-Terrorism Information Exchange program--a pilot project for law enforcement sharing of public records data--was not issued until long after the program had been terminated. Late issuance of reports has a number of negative consequences, including a potential reduction in the reports' value and erosion of the office's credibility. 

GAO recommends that the Secretary of Homeland Security take several actions including appointing privacy officers in key DHS components, implementing a process for reviewing Privacy Act notices, and establishing a schedule for timely issuance of Privacy Office reports.

 DHS generally agreed with the content of this report and its recommendations and described actions initiated to address GAO's recommendations.

News Report
See More Stories by News Report
Related Content
Light and dark blue illuminated dots spelling out ".GOV"
Cybersecurity
Malicious Links Target California Elections, Business Sites
December 05, 2025
Front,View,,Capitol,Dome,Building,At,Night,,Washington,Dc,,Usa.
Cybersecurity
Senate Bill Would Reaffirm State, Local Cyber Grant Program
December 04, 2025
 · News Staff
A red cloud symbol with a jagged black line through it and red lettering above it that reads "BREACH!" This is surrounded by light blue lines and circles against a black background.
Cybersecurity
Monroe County, Ga., Confronts Emergency Alert System Hack
December 03, 2025
The New Jersey Capitol building on a sunny day.
Cybersecurity
New Jersey Launches Civilian Cyber Resilience Corps
December 03, 2025
 · News Staff
Sunlight streams the blinds across the wood interior of a courtroom showing judge, plaintiff and defendant seating.
Cybersecurity
Georgia Court Clerks’ Authority Thwarts Ransomware Attack
December 02, 2025
988 sign
Cybersecurity
Congress Codifies Cybersecurity Standards for 988 Lifeline
December 02, 2025
 · News Staff
gov-footer-logo-2024.png
GT-footer-logo.png
II-footer-logo.png
NAV-footer-logo.png
CDG-footer-logo.png
CDE-footer-logo.png
CPSAI-footer-logo.png
EM-footer-logo.png