PRIVACY REQUIREMENTS

DM 3515-000

 

TABLE OF CONTENTS

Page

 

Chapter 3 General Information

 

1 Purpose 1

2 Cancellation 1

3 References 1

4 Scope 2

5 Abbreviations 2

 

3515-001

Part I Collection of Web Site Cookies and Privacy Requirements

 

1 Background 1

2 Policy 1

3 Responsibilities 3

3515-002

Part 2 - Privacy Impact Assessment (PIA)

 

1 Background 1

2 Policy 2

3 Procedures 3

 

Attachments

 

1 Steps For Completing a PIA

2 Privacy Impact Assessment Form

 

 


U.S. Department of Agriculture

Washington, D.C.

 

 

DEPARTMENTAL MANUAL

 

NUMBER:

3515-000

 

 

SUBJECT:

Privacy Requirements

 

DATE: February 17, 2005

 

OPI: OCIO, Cyber Security

CHAPTER 3

GENERAL INFORMATION

 

 

1 PURPOSE

 

This Departmental Manual chapter establishes security policy and procedures for privacy within USDA. Specifically, Part 1 of this chapter addresses security requirements with regard to the Privacy Act and the use of cookies at USDA Web sites. Part 2 of this material addresses the Privacy Impact Assessment (PIA) and implements the requirement for addressing privacy during the systems development and revision process. In addition, the material describes the steps required to complete a PIA on a project, and discusses some of the privacy issues a project must address when completing a PIA.

 

 

2 CANCELLATION

 

This Departmental Manual will be in effect until superseded.

 

 

3 REFERENCES

See Appendix B, CS Legal and Regulatory References

 

USDA Privacy Act Implementation, 7 C.F.R. 11 et seq;

 

USDA Freedom of Information Act Implementation, 7 C.F.R. 1.110 et seq;

 

 

4 SCOPE

 

This manual applies to all USDA agencies, programs, teams, organizations, appointees, employees and other activities.

 

5 ABBREVIATIONS

 

CIO - Chief Information Officer

CS - Cyber Security

DM - Departmental Manual

DR - Departmental Regulation

ITMRA - Information Technology Management Reform Act

ISSPM - Information Systems Security Program Manager

OCIO - Office of the Chief Information Officer

OMB - Office of Management & Budget

PA - Privacy Act

PIA - Privacy Impact Assessment

SLC - System Life Cycle

SOR - System of Records

USDA - United States Department of Agriculture

WWW - World Wide Web