US flag signifying that this is a United States Federal Government website   Official website of the Department of Homeland Security

Privacy Policy Guidance

The Privacy Office has primary authority under Section 222 of the Homeland Security Act for privacy policy at the Department of Homeland Security. Section 222 gives the Office plenary authority to ensure that the use of technologies sustains, and does not erode, privacy protections relating to the collection, use, dissemination, and maintenance of personal information, and to ensure that Personally Identifiable Information (PII) in information systems is handled in full compliance with the fair information practices set forth in the Privacy Act. All Department personnel, including federal employees, independent consultants, and government contractors involved in Department programs must comply with Department of Homeland Security privacy policies.

  • Privacy Policy Guidance Memorandum 2011-02, Department policy establishing a formal Department-wide approach to the roles and responsibilities accompanying the cross-component sharing of IT services. June 30, 2011 (PDF, 4 pages – 154 KB)
  • Privacy Policy Guidance Memorandum 2011-01, Department policy on identifying, processing, tracking, and reporting on requests for amendment of records submitted to DHS under the Privacy Act of 1974, as amended. February 11, 2011 (PDF, 3 pages – 103.85 KB).
  • Privacy and Civil Liberties Policy Guidance Memorandum 2009-01 This document constitutes the Department’s Federal ISE Privacy and Civil Liberties Protection Policy. June 5, 2009 (PDF, 12 pages - 261 KB)
  • Privacy Policy Guidance Memorandum 2008-02, Department Policy Regarding Privacy Impact Assessments, December 30, 2008 (PDF, 6 pages – 101 KB)
  • Privacy Policy Guidance Memorandum 2008-01, The Fair Information Practice Principles: Framework for Privacy Policy at the Department of Homeland Security, December 29, 2008 (PDF, 4 pages - 101 KB)
    • Fact Sheet: "The FIPPS At Work" (PDF, 2 pages - 220 KB). This fact sheet provides examples of how the Department implements these principles.
  • DHS Action Memorandum, Review of Safeguarding Policies and Procedures for Personnel-Related Data, June 13, 2007 with attachments. (PDF, 10 pages - 118 KB)
    • Attachment 1: Review of Personnel-Related Data Policies and Procedures and Self-Assessment (PDF, 13 pages - 113 KB)
    • Attachment 2: Protecting & Handling Personnel-Related Data – Quick Reference Guide (PDF, 2 pages – 14 KB)
    • Attachment 3: Verification and Confirmation Memorandum Templates (Self-Assessment and Training Certifications), (PDF, 2 pages – 17 KB)
    • Attachment 4: DHS Employee Communication from Scott Charbo and Maureen Cooney regarding Data Security and Privacy, June 8, 2006 (PDF, 2 pages – 294 KB)
    • Attachment 5: DHS Deputy Secretary Memo, April 26, 2007 regarding Advance Notice to Leadership on Unintentional Release of Privacy Act Protected Information
    • Attachment 6: OMB Memorandum 07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information, May 22, 2007 (PDF, 22 pages – 228 KB )
  • Privacy Policy Guidance Memorandum 2007-02, Regarding the use of Social Security numbers at the Department of Homeland Security, June 4, 2007 (PDF, 4 pages - 118 KB)
  • Privacy Policy Guidance Memorandum 2007-01, Regarding Collection, Use, Retention, and Dissemination of Information on Non-U.S. Persons, January 7, 2009 (As amended from January 19, 2007) (PDF, 6 pages - 164 KB)
  • Privacy Technology Implementation Guide (PTIG), August 2007 (PDF, 36 pages – 358 KB) A general guide for technology managers and developers to integrate privacy protections into operational IT systems.
  • Privacy Incident Handling Guidance (PIHG), January 2012 (PDF, 88 pages – 605 KB) Designed to inform all Department personnel of their obligation to protect PII, it also establishes procedures delineating how they must respond to the potential loss or compromise of PII.
  • Handbook for Safeguarding Sensitive Personally Identifiable Information, Revised March 2012 (PDF, 30 pages – 1.07 MB) This handbook sets minimum standards for how Department personnel should handle Sensitive PII in paper and electronic form during their everyday work activities at the Department. Included in the appendix is a factsheet summarizing its contents.
Last Published Date: January 22, 2014
Back to Top