The Privacy Office serves as both an advisor and oversight body for the Department’s privacy-sensitive programs and systems.
Privacy Compliance Reviews
The Privacy Compliance Review (PCR) is a collaborative effort to help improve a program’s ability to comply with existing privacy compliance documentation, including Privacy Impact Assessments (PIA), System of Records Notices (SORN), formal agreements such as Memoranda of Understanding or Memoranda of Agreements, or at the Chief Privacy Officer’s discretion. A PCR may result in a public report or internal recommendations, depending upon the sensitivity of the program under review.
The Privacy Office tracks implementation of PCR recommendations based on supporting evidence provided by the Component Privacy Office and/or Program reviewed.
PCRs in alphabetical order:
- Analytical Framework for Intelligence
- February 2019 Update: CBP satisfactorily implemented all PCR recommendations.
- Countering Violent Extremism Grant Program
- July 2020 Update: FEMA and the Office for Targeted Violence and Terrorism Prevention satisfactorily implemented all PCR recommendations.
- DHS Use of Social Media for Communications and Outreach
- August 2014 Update: NPPD satisfactorily implemented all PCR recommendations.
- Electronic System for Travel Authorization
- Enhanced Cybersecurity Services Program
- July 2016 Update: NPPD satisfactorily implemented all PCR recommendations.
- FEMA's Information Sharing Practices
- ICE Pattern Analysis and Information Collection Law Enforcement Information Sharing Service
- Media Monitoring Initiative
- Office of the Chief Human Capital Officer Privacy Practices
- April 2020 Update: OCHCO satisfactorily implemented all PCR recommendations.
- Passenger Name Records Reviews
- Science and Technology Directorate Privacy Practices
- Section 1367 Privacy Incidents
- Southwest Border Pedestrian Exit Field Test
- October 2017 Update: CBP satisfactorily implemented all PCR recommendations.
- USCIS Customer Profile Management Service & National Appointment Scheduling System
- October 2020 Update: USCIS satisfactorily implemented all PCR recommendations.
- U.S. Secret Service Privacy Practices
Although the PCR is designed as a proactive and constructive mechanism, it is possible that potentially egregious behavior could be uncovered during the PCR. Should this occur, the Privacy Office will either refer the matter to the DHS Office of Inspector General to investigate, or convert the PCR into a formal investigation conducted under the Chief Privacy Officer’s investigative authority. The Chief Privacy Officer is authorized to conduct investigations and issue reports relating to the administration of the programs and operations of the Department as are, in the senior official’s judgment, necessary or desirable.