U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


  1. Home
  2. News
  3. Publications Library
  4. Privacy


The DHS Privacy Office is responsible for evaluating the Department programs, systems, and initiatives for potential privacy impacts, and providing strategies to reduce the privacy impact.

  • DHS/I&A/PIA-001 Public-Private Sector Analytic Exchange Program (AEP)

    The U.S. Department of Homeland Security (DHS) Office of Intelligence and Analysis (I&A) acts as an Executive Agent for the Public-Private Sector Analytic Exchange Program (“AEP” or “the Program”) on behalf of the Office of the Director of National Intelligence (ODNI). The purpose of the AEP is to provide intelligence community (IC) and federal, state, local, tribal, and territorial (FSLTT) intelligence analysts the opportunity to engage with volunteer private sector analysts to better understand select national security and homeland security issues. All participants are selected through a competitive application process. AEP participants work to create unclassified joint analytic deliverables of interest to both the private sector and the U.S. Government. I&A is publishing this privacy impact assessment (PIA) because I&A collects personally identifiable information from individuals applying to, and selected for, the AEP in order to verify their U.S. citizenship, facilitate entry into federal buildings, facilitate reimbursement of their travel expenses, and enable access to federally-maintained information technology platforms used to facilitate public-private collaboration.

  • DHS/USCG/PIA-031 COVID-19 Data Analytics

    The purpose of the U.S. Coast Guard (USCG) COVID-19 Data Analytics program ("COVID-19 Operational Software Suite") is to minimize USCG operational impacts (e.g., workforce readiness, COVID-19 Vaccine Support) during the COVID-19 pandemic. USCG is publishing this Privacy Impact Assessment (PIA) to assess the privacy risks and mitigations of collecting Personally Identifiable Information (PII) and Sensitive PII (SPII) associated with implementing the COVID-19 Operational Software Suite.

  • DHS/CWMD/PIA-002 Biological Detection for the 21st Century (BD21) Technology Demonstration (TD)

    The U.S. Department of Homeland Security (DHS) Countering Weapons of Mass Destruction (CWMD) Systems Support Directorate has been tasked and funded to evaluate networked biological detection and presumptive identification equipment for the purposes of informing the next generation detection of airborne bio-threats, as well as to recapitalize the BioWatch Program. To fulfill these responsibilities, CWMD is developing the Biological Detection for the 21st Century (BD21) Program. CWMD will install biological detection equipment at certain locations/sites as sensor nodes in various configurations. Each node is comprised of biological sensors, Global Positioning System (GPS) technology, a communications unit, meteorological sensors, and cameras, which are monitored and operated remotely (where possible). The sensor nodes capture environmental data and camera video/images which are transmitted to CWMD’s secure Amazon Web Services (AWS) Cloud for the purpose of developing algorithms and evaluating performance of the technologies. CWMD is conducting this PIA to evaluate the privacy risk associated with the use of this technology.

  • DHS/OIDO/PIA-001 Immigration Detention Case Management System

    The U.S. Department of Homeland Security’s (DHS) Office of the Immigration Detention Ombudsman (OIDO or Office) is an independent office responsible for objectively and impartially reviewing cases submitted by, or on behalf of, individuals affected by potential misconduct, excessive force, violations of rights of individual detainees, or violations of law, standards of professional conduct, contract terms, policy related to immigration detention, or detention standards that occurred while in immigration detention by DHS officers, or other contracted, subcontracted, or cooperating entity personnel. Thereafter OIDO seeks to resolve the matter or provide redress as appropriate.

  • DHS/OIG/PIA-002 Office of Inspector General Video Management System

    The U.S. Department of Homeland Security (DHS) Office of Inspector General (OIG) is establishing the Video Management System (VMS), which is a system hosted within the Microsoft Azure cloud environment. VMS is storage solution for receiving, storing, and reviewing audio and video data in support of the investigations conducted by DHS OIG criminal investigators (Special Agents).

  • FPS Management Directives

    Directives establishing policies, requirements, and responsibilities related to operations of the Federal Protective Service.

  • DHS/CBP/PIA-030 Departure Information Systems Test

    U.S. Customs and Border Protection (CBP) will operate the Departure Information Systems Test in order to identify reliable and cost-effective border management capabilities that can be deployed nationwide and across multiple modes of travel. The Test will seek to test CBP’s ability to verify the biometrics of departing travelers. Photos of travelers taken during boarding will be compared against photos taken previously (U.S. passport, U.S. visa, and other DHS encounters) and stored in existing CBP systems.

  • DHS/CISA/PIA-038 Use of Administrative Subpoenas for Cybersecurity Vulnerability Identification and Notification

    The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Division (CSD) has established a process that permits CISA, pursuant to statutory authority, the use of administrative subpoenas for cybersecurity vulnerability identification and notification. This process allows CISA to issue administrative subpoenas and receive customer or subscriber contact information from service providers to identify and notify owners or operators of covered systems and devices related to critical infrastructure that have a specific security vulnerability. CISA is conducting this Privacy Impact Assessment (PIA) because responses to administrative subpoenas will include the personally identifiable information (PII) of individuals identified by subpoenaed service providers, such as Internet Service Providers (ISPs), as relevant points of contact.

  • DPIAC Meeting May 14, 2021

    Materials related to a public meeting of the DHS Data Privacy and Integrity Advisory Committee on May 14, 2021

  • DHS/CBP/PIA-070 Processing Individuals Subject to Migrant Protection Protocols (MPP)

    U.S. Customs and Border Protection (CBP) is tasked with safeguarding America’s borders while enhancing the nation’s global economic competitiveness by enabling legitimate trade and travel. As of February 2021, there were approximately 25,000 individuals enrolled in Migrant Protection Protocols (MPP) outside of the United States awaiting adjudication of their removal proceedings. CBP will leverage technology solutions, including facial recognition technology, to verify MPP enrollment and case status, and streamline these individuals’ processing into the United States. CBP is conducting this Privacy Impact Assessment (PIA) to assess the privacy risks and mitigations associated with the biometric and biographic information collected to process individuals enrolled in MPP.