DHS Privacy Office Testimony for Senate Hearing Titled “State of Federal Privacy and Data Security Law: Lagging Behind the Times?”
In a hearing before the Senate Committee on Homeland Security and Governmental Affairs’ Subcommittee on Oversight of Government Management, the Department of Homeland Security’s Chief Privacy Officer, Mary Ellen Callahan, discussed her role and privacy at the department. The hearing was entitled “State of Federal Privacy and Data Security Law: Lagging Behind the Times?” From Callahan’s written remarks:
As you know, the Department of Homeland Security (DHS) is the first department in the federal government to have a statutorily mandated privacy officer. I have had the pleasure of serving in this role since March 2009. The Homeland Security Act grants the Chief Privacy Officer primary responsibility for ensuring that privacy considerations and protections are comprehensively integrated into all DHS programs, policies, and procedures. […]
The mission of the DHS Privacy Office is to protect all individuals by embedding and enforcing privacy protections and transparency in all DHS activities. My staff work to achieve its mission by fostering a culture of privacy and transparency; demonstrating leadership through policy and partnerships; providing outreach, education, training, and reports; conducting robust oversight; and ensuring that DHS complies with federal privacy, confidentiality, and disclosure laws, policies, and principles.
It is my pleasure to share with you today a few examples of the DHS Privacy Office’s many recent achievements in privacy protection. Last year, we issued Department Directive 047-01, which formalizes the privacy-related responsibilities of DHS personnel and the processes in place to ensure compliance with applicable laws and policies. Two weeks ago, we hosted a successful public meeting of the DHS Data Privacy and Integrity Advisory Committee, which provides advice on privacy-related matters to the Chief Privacy Officer and the Secretary of Homeland Security. In addition, we engage in ongoing collaboration with the DHS Office for Civil Rights and Civil Liberties to provide comprehensive, on-site training to fusion centers from Alaska to Tennessee. […]
The Privacy Act was passed in an era before electronic communications and databases were the norm at federal agencies. As such, the Act did not fully contemplate that multiple entities within the Executive Branch may use the same types of records or operate similar systems. Nonetheless, many of the concepts embedded in the original Act are flexible enough to permit similar records to be treated consistently, regardless of whether they are located at one agency or another. […]
One method to address modern challenges of implementing the Privacy Act is to share best practices among federal privacy officials. Formal Council-level bodies exist for many federal chief officers, including the Chief Financial Officers, Chief Information Officers, and Chief Human Capital Officers. Though no formal Council-level body exists for Chief Privacy Officers, I am proud to serve as Co-chair of the Privacy Committee of the Federal Chief Information Officers Council.
Read her full remarks to learn more.