The Department of Homeland Security (DHS or Department) will use EventBrite for event planning, management, and attendee registration. DHS Office of Public Affairs (OPA) serves as the executive agent for the department’s use of EventBrite and controls who at the Department has access to use the service.
The next Data Privacy and Integrity Advisory Committee meeting will be held February 26, 2019, from 9:00am-10:30am via teleconference. Attached please find the following:
- Federal Register Notice
- DRAFT Biometrics Report
The Department of Homeland Security Privacy Office (PRIV) conducted a Privacy Compliance Review (PCR) to assist certain Components identify and mitigate risks that may occur by inadvertent disclosure of information protected by Title 8, United States Code (U.S.C.), Section 1367, confidentiality and prohibited source provisions. Section 1367 incidents are particularly sensitive, given the vulnerability of the population they are meant to protect and the potential legal liabilities for certain violations of the statute. Through this PCR, PRIV examined Components’ privacy protections and made four recommendations of best practices to prevent and mitigate future privacy incidents affecting individuals protected by Section 1367.
DHS uses Waggl as an internal employee engagement tool. DHS Office of the Chief Information Officer (OCIO) serves as the executive agent for the DHS Waggl use and controls who at the department is an Account Administrator with the access to initiate a new survey (or pulse) which then gets emailed to employees.
This fifth annual report provides assessments of activities conducted under Executive Orders 13636 and 13691 during fiscal year 2017. The scope of the report is limited to those activities with a privacy or civil liberties impact that are new or substantially changed since the fiscal year 2016 reporting cycle.
The Data Privacy and Integrity Advisory Committee will hold a public meeting on Monday, December 10, 2018.
In order to comply with the Act’s prohibition on the inclusion of a full Social Security number (SSN) in documents sent by mail, unless expressly identified as necessary by the Secretary, the DHS Privacy Office plans to implement a multi-phased effort to identify, inventory, analyze, and restructure the use of SSNs in mailed correspondence at the Department. This report describes that effort.
Additionally, the Department, led by the DHS Privacy Office, will use this opportunity to conduct a holistic review of its approach to the use of SSNs in an effort to further reduce the collection, maintenance, and use of this sensitive personal identifier. While the Department’s approach goes beyond what the Act requires, it will aid the Department in reducing the unnecessary collection and use of SSNs.
All covered persons must comply with the handling and safeguarding requirements for CVI outlined in 6 CFR § 27.400, be familiar with the CVI Procedures Manual and any other guidance the Department may provide. Access to or disclosure of CVI requires that an individual has a need to know the information and is a CVI Authorized User.