The Department of Homeland Security’s Privacy Office has released its “Second Quarter Fiscal Year 2012 Report to Congress” (pdf). The report, the Privacy Office says, “provides a summary of our privacy compliance, complaint and training and awareness activities for the period December 1, 2011 – February 29, 2012.” The quarterly report is required under Section 803 of the “Implementing Recommendations of the 9/11 Commission Act of 2007 (9/11 Commission Act).” The report includes:
- Number and types of privacy reviews of Department actions undertaken;
- Type of advice provided and the response given to such advice; and
- Number and nature of privacy complaints received by DHS for alleged violations along with a summary of the disposition of such complaints.
In addition, we include information and data on privacy training and awareness activities conducted by the Department to help prevent privacy incidents.
The privacy reviews include:
- Privacy Threshold Analyses (PTA), the DHS foundational mechanism for reviewing IT systems, programs, and other activities for privacy protection issues to determine whether a more comprehensive analysis is necessary through the Privacy Impact Assessment process;
- Privacy Impact Assessments (PIA) required under the E-Government Act of 2002 and the Homeland Security Act of 2002, as amended, and by DHS policy;
- Systems of Records Notices (SORN) and associated Privacy Act exemptions as required under the Privacy Act;
- Privacy Act Statements as required under Section (e)(3) of the Privacy Act to provide notice to individuals at the point of collection;
- Computer Matching Agreements as required under the Privacy Act; 8
- Data Mining Report as required by Section 804 of the 9/11 Commission Act;
- Privacy Compliance Reviews; and
- Privacy reviews of IT and program budget requests, including OMB 300s and Enterprise Architecture Alignment Requests through the DHS Enterprise Architecture Board.
Read the full report here.