OMB orders agencies to report on efforts to protect private data
Changes to the Federal Information Security Management Act will require federal agencies to report on how they are protecting private information, starting at the end of this fiscal year, according to a memo released from the Office of Management and Budget Friday.
FISMA, which took effect in 2002, requires agencies to conduct annual reviews of information security programs and report the status of complying with security guidelines.
The changes outlined in the memo are aimed at enhancing protection of personal information "to maintain a comprehensive context for security and privacy of federal information across government," according to OMB.
With the new FISMA requirements, every agency will be asked to provide:
- The number of each type of privacy review conducted during the last fiscal year.
- Information about the advice provided by the senior agency official for privacy during the last fiscal year.
- The number of written complaints for each type of privacy issue allegation received by the senior agency official for privacy during the last fiscal year.
- For each type of privacy issue received by the senior agency official for privacy for alleged privacy violations during the last fiscal year, the number of complaints the agency referred to another agency with jurisdiction.
COMMENTS
- Good Luck! I went through the COC up to CNIC about the electronic time keeping system "SLDCADA" that "still" reflects employee's full SSN's back in 2005. To date, it "still" reflects employee's full SSN's. There are constant breeches in employee information. There was recently on involving NSWC Dahlgren, Va. Division that involved information from 2004. CATZ Posted January 22, 2008 11:35 AM
