Fandom

The IT Law Wiki

Recommendations for Standardized Implementation of Digital Privacy Controls

32,198pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Citation Edit

Federal CIO Council, Recommendations for Standardized Implementation of Digital Privacy Controls (Dec. 2012) (full-text).

Overview Edit

This document offers recommendations that can serve as a resource to help agencies meet their privacy obligations as they implement the requirements of the Digital Government Strategy ("Strategy"). This document explains how privacy controls help enable and promote the Strategy's data- and customer-centric approach, and the importance of integrating such controls into the risk management process to ensure that privacy is fully incorporated in the planning and development of digital services and programs.

The document then discusses three key privacy controls: (1) PII Inventory; (2) Privacy Impact Assessment (PIA); and (3) Privacy Notice. These fundamental privacy controls require that agencies identify and consider all PII that may be collected or otherwise exposed through a particular digital technology, analyze the privacy risks through the data life cycle by conducting and updating a PIA (as needed), and provide notice to individuals of when and how their PII will be collected, used, retained, and disclosed.

This document is not a formal guidance document and does not establish or alter official Federal Government policies. It does, however, offer recommendations that can serve as a resource to help agencies meet their privacy obligations as they implement the requirements of the Strategy.

Moreover, this document does not attempt to provide a “one size fits all” approach, as each digital service or program will be different. Instead, it provides tools and best practices, in the form of key considerations and checklists, to standardize and streamline the implementation of the three critical privacy controls noted above, and to educate agency personnel on options for addressing privacy issues in the complex ecosystem inherent in the evolution toward a Digital Government.

Also on Fandom

Random Wiki