The IT Law Wiki
Don't have an account?
Register
Advertisement
Register
in: Publication, Privacy

DHS Policy and Procedures for Managing Computer-Readable Extracts Containing Sensitive PII

Revision as of 04:56, 17 November 2010 by Mdscott (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Edit

Citation[]

DHS Privacy Office, DHS Policy and Procedures for Managing Computer-Readable Extracts Containing Sensitive PII (full-text).

Overview[]

The DHS Privacy Office, "DHS Policy and Procedures for Managing Computer-Readable Extracts Containing Sensitive PII" outlines DHS requirements for documenting, tracking, and validating computer-readable extracts. The DHS CRE Policy permits personnel to create and use CREs only for authorized official purposes and to share CREs only as authorized by the Privacy Act of 1974 and other applicable federal law and policy.

DHS requires that CREs be appropriately secured during storage and transmission in accordance with DHS Sensitive Systems Policy Directive 4300A and the Handbook for Safeguarding Sensitive Personally Identifiable Information at the Department of Homeland Security. DHS also requires that ad hoc CREs, or non-routine CREs, be documented, tracked, and validated.

Community content is available under CC-BY-SA unless otherwise noted.
Advertisement