Now that the program is up and running: Reaching Consumers via Social Media

Size: px
Start display at page:

Download "Now that the program is up and running: Reaching Consumers via Social Media"

Transcription

1 Now that the program is up and running: Reaching Consumers via Kathy Harman-Stokes, J.D., CIPP, CIPP/G Chief Privacy Officer Commodity Futures Trading Commission

2 Hypothetical: Website and database have launched Head of HFA wants social media (SM) HFA Claims Admin Officer (CAO) contacts you Use SM to raise awareness

3 Input your address and go! Has your agency set up social media without consultation on privacy, etc.? 1. Yes, we re all over social media, but I haven t been contacted. 2. Yes, on occasion. 3. No, they always talk to me. 4. Social media? 25% 25% 25% 25%

4 Not so fast. Appropriate steps to setting up SM: I. Clarify goals II. Consult with internal experts III.Dive into details: PIAs, policies, etc. IV.Train staff V. Review and optimize

5 I. Clarify Goals Agency wants blog, Facebook & Twitter. Why? What does HFA CAO seek to accomplish? Possible goals: Open government/dissemination Interaction w/the public Info from the public/crowd-sourcing Enforcement/investigation of fraud

6 I. Clarify Goals Goals: CAO seeks to raise awareness and interact with the public With goals in mind: Most appropriate SM: blog? Facebook? Twitter? Other SM to consider? Weigh benefits w/risks and costs of each Ensure everyone understands goals

7 II. Consult with Internal Experts Privacy Officer IT Security/CISO Procurement Team Records Officer FOIA Officer E-Discovery Counsel Ethics Officer General Counsel s Office Human Resources Team Public Affairs Officer Often others, e.g., Learning Officer Why broad consultation?

8 II. Consult with Internal Experts Applicable laws may include: - Privacy Act of Procurement Integrity Act - FISMA - Antideficiency Act - FOIA - First Amendment - Federal Records Act - US Rehabilitation Act Discovery rules: - Federal Advisory Committee Fed.R.Civ.Proc. Act - Hatch Act - COPPA - Federal Acquisition - Paperwork Reduction Act Regulation - And more. - Federal Appropriation Laws

9 II. Consult with Internal Experts Best practice: develop working group - Include all SMEs + Public Affairs, program managers - Develop charter, responsibilities - Meet regularly, on-going basis - Discuss SM issues, try to build consensus - Regularly review SM uses - Advise senior leadership on responsible use of SM to advance agency goals You suggest such a group. Good idea!

10 III. Dive into Details: PIAs, policies, etc. Basic SM use policies/procedures: Approval process for this and other SM uses Responsibility/procedure for setting up pages Responsibility/procedure for posting content, monitoring page, responding to comments Establish ambassadors, SMEs, to interact w/public on specific subject areas?

11 III. Dive into Details: PIAs, policies, etc. HFA decisions: CAO will approve decisions CAO delegates day to day responsibility to: o 1 manager, 2 new SM savvy employees o SM tasks added to current duties o Staff to post content, monitor pages, respond to comments Manager has in-depth knowledge of entire program, but has never seen Facebook

12 III. Dive into Details: Privacy Remember the goals. What specific PII do you plan to collect in short and medium-term? PII necessary? What are you asking members of the public to do? Post? Comment? Subscribe? Share? View content? How will the PII be used?

13 Privacy Act of 1974: With agency goals in mind, any personal info going into a system of records by using Twitter, Facebook and blog? 1. Never; any info posted is publicly available 2. Yes 3. No 4. Maybe Reaching Consumers via III. Dive into Details: Privacy 25% 25% 25% 25%

14 III. Dive into Details: Privacy Privacy Act of 1974: Poll 3: In what situation would you need a 552a(e)(3) Privacy Act Notice? 1. Never with any use of Internet tools; not soliciting + all info publicly available 2. Maybe, but only if friending 3. Possible risk exists; mitigate the risk 4. Always; any commenter could include PII 25% 25% 25% 25%

15 III. Dive into Details: Privacy OMB M and E-Government Act Adapted PIA required: o whenever an agency s use of a third-party website makes PII available to the agency o Discuss purpose of use of site o PII likely to become available to agency o Expected use of PII o Cover usual PIA issues but tailored to specific site: access, sharing, security and risks to PII, and how risks have been mitigated o Publish on agency web site

16 III. Dive into Details: Privacy OMB M and E-Government Act Update agency privacy policy o Describe purpose of use of site o How agency will use PII that becomes available o Access, disclosure, security of PII, etc. Create privacy notices: o Provide to the extent feasible on the site o Feasible on Facebook, probably blog site o Explain site is not a government site, it s owned controlled by third-party, etc.

17 III. Dive into Details: Privacy

18 III. Dive into Details: Privacy It s feasible on Twitter too.

19 III. Dive into Details: Privacy HFA decisions: Not sure about (e)(3); build into other notices Will publish a PIA o Will publish 1 instead of 3 o SM uses functionally comparable o Data uses substantially similar Will publish Privacy Notices: o Short but substantive notice on Facebook, blog site o Reference on Twitter to agency s privacy policy Will update agency privacy policy

20 III. Dive into Details: Privacy OMB M-10-23: Third Party Privacy Policies Before using a SM site, you must examine the site s privacy policy, evaluate risks Assign responsibility: who at your agency bears responsibility for understanding the provider s privacy policy, and continually reviewing it for consistency w/your agency s statements and goals? HFA: CPO and manager will review initially and annually; manager responsible for continual review

21 III. Dive into Details: Records Definition of a Federal record, 44 USC 3301 all books, papers, maps, photographs, machine readable materials, or other documentary materials, regardless of physical form or characteristics, made or received by an agency of the United States Government under Federal law or in connection with the transaction of public business and preserved or appropriate for preservation by that agency... as evidence of the organization, functions, policies, decisions, procedures, operations or other activities of the Government or because of the informational value of data in them

22 III. Dive into Details: Records Is the information being posted: Available elsewhere, i.e., is the posted information a copy of a record? Evidence of an agency s policies, activities, functions, operations or other activities? If a record, needs: A NARA-approved disposition schedule Preservation Proper handling and disposition Work closely with your Records Management Officer

23 III. Dive into Details: Records HFA: Some info not available elsewhere, e.g., Facebook comments Evidence of HFA s operations and activities Needs: A NARA-approved disposition schedule Preservation; CPO, manager, RMO to explore tools Proper handling and disposition CPO, Manager and RMO will coordinate

24 III. Dive into Details: FOIA, e-discovery Ensure access for FOIA, e-discovery In the time period required In the form required; need meta-data Remember authentication issues Electronic Communications Privacy Act and Stored Communications Act More stringent rules apply to government May need search warrant Best practice: obtain consent or seek discovery directly from opposing party

25 III. Dive into Details: FISMA, IT Security Some agencies still block SM for most users Others treat SM as part of the Internet ; risks exist, just mitigate them More monitoring of web traffic needed Data loss prevention tools (DLP) minimize risk of info loss New retention capabilities needed

26 III. Dive into Details: FISMA, IT Security HFA blocks most SM Need to open these SM sites to CPO, manager and staff CIO says monitoring tools sufficient CIO plans to implement DLP w/in 12 months, then can open SM to all staff Will work w/cpo, RMO, manager re: retention capabilities

27 III. Dive into Details: Ethics Usual ethics rules apply, e.g., Standards of Ethical Conduct for Employees of the Executive Branch May need a disclaimer: the opinions expressed are mine alone and do not represent the views of my agency. For lawyers, any effort to friend could violate ethical rules, e.g., contact w/represented party? Deceptive?

28 III. Dive into Details: Procurement Terms of Service (TOS) agreements don t work Indemnification: Violates restrictions of the Anti- Deficiency Act, 31 USC 1341(a)(1) and Adequacy of Appropriations Act, 41 USC 11 Governing Law: Only Federal law may apply Jurisdiction: Litigation only in Fed courts, 28 USC 1346, 1491 Arbitration: Limits on use of binding arbitration, 5 USC 575 Key terms must be revised.

29 III. Dive into Details: Procurement Best practice: Use GSA model agreements GSA and coalition have negotiated agreements with 60 third-party providers, e.g., Facebook, LinkedIn, MySpace, YouTube, Tumblr, WordPress

30 III. Dive into Details: Procurement At HFA, you, Manager and Procurement staff review TOU for Facebook, different blog sites, and Twitter Also review GSA negotiated agreements for blog sites and Facebook (Thanks GSA!) See GSA note re: Twitter TOU Plan to sign up

31 IV. Train staff posting to SM They are speaking for the agency Train staff: How to set up page and use SM Guidelines on posting Topics they may or may not address Limits of their authority, escalation Take-down policy for comments Best practice: Require staff to sign rules of behavior for SM

32 IV. Train staff posting to SM Training needed for Manager and 2 Staff: Show the Manager each SM site How to set up pages, how pages operate, security What data is being collected Posting guidelines, e.g., never ask for personal information in SM site; answer general questions only Topics, limits of authority, take down Sign rules of behavior Don t forget: If SM open to all employees, need internal SM use policy, training for all employees

33 V. Review and Optimize At least annually, review use of SM, revise as needed: Leverage SM working group to review internal policies/procedures: What works well? What can agency improve? Access to SM or other IT concerns, e.g., viruses? User errors? More training needed? Data still being collected, handled as stated in PIAs, policies? Limited to purposes stated? Use metrics to show how well SM is meeting identified agency goals.

34 Conclusion Held first meeting of SM working group; discussed CAO SM uses for public awareness; all issues addressed, decisions documented Next meeting: discuss any issues, also expansion of SM to educate public through YouTube, post jobs, etc. Signed onto TOUs for Facebook, Twitter, blog site Set up sites, began using SM; positive so far Copying for record retention, FOIA, e-discovery So far, success!

35

36 Resources: and Web Content Managers Forum Federal E-Discovery Working Group (FEDWG) FTC PIAs for Facebook, Twitter, YouTube: CFTC PIAs for Twitter, and Internet & Use: OMB Memo 4/7/2010,, Web-Based Interactive Technologies and the Paperwork Reduction Act OMB M-10-23, Guidance for Agency Use of Third-Party Websites and Applications

37 Questions? Kathy Harman-Stokes, J.D., CIPP, CIPP/G Chief Privacy Officer Commodity Futures Trading Commission st St. NW Washington DC

New Media Roles, Responsibilities, and Authorities Approved by: Associate Administrator for Operations and Management

New Media Roles, Responsibilities, and Authorities Approved by: Associate Administrator for Operations and Management UNITED STATES DEPARTMENT OF AGRICULTURE Farm Service Agency Washington, DC 20250 Notice INFO-54 For: FSA Employees New Media Roles, Responsibilities, and Authorities Approved by: Associate Administrator

More information

Non-Official/Personal Use of Social Media and Social Networking. Availability of Information and Access to Persons Without Internet Access

Non-Official/Personal Use of Social Media and Social Networking. Availability of Information and Access to Persons Without Internet Access Department of the Interior Social Media Policy ~ 1 ~ Table of Contents Section 1: Social Media and Social Networking Policy Overview of Policy Official Use of Social Media and Social Networking at DOI

More information

Federal Trade Commission Privacy Impact Assessment

Federal Trade Commission Privacy Impact Assessment Federal Trade Commission Privacy Impact Assessment for the: W120023 ONLINE FAX SERVICE December 2012 1 System Overview The Federal Trade Commission (FTC, Commission or the agency) is an independent federal

More information

Privacy 101 Awareness and Best Practices

Privacy 101 Awareness and Best Practices Privacy 101 Awareness and Best Practices GPO Protection of Personally Identifiable Information (PII) National Institute Of Standards & Technology What is Privacy It is more than information security Privacy

More information

PRIVACY IMPACT ASSESSMENT (PIA) GUIDE

PRIVACY IMPACT ASSESSMENT (PIA) GUIDE U.S. Securities and Exchange Commission Office of Information Technology Alexandria, VA PRIVACY IMPACT ASSESSMENT (PIA) GUIDE Revised January 2007 Privacy Office Office of Information Technology PRIVACY

More information

PROCEDURES FOR ELECTRONIC MANAGEMENT OF RULEMAKING AND OTHER DOCKETED RECORDS IN THE FEDERAL DOCKET MANAGEMENT SYSTEM

PROCEDURES FOR ELECTRONIC MANAGEMENT OF RULEMAKING AND OTHER DOCKETED RECORDS IN THE FEDERAL DOCKET MANAGEMENT SYSTEM Issued by the EPA Chief Information Officer, Pursuant to Delegation 1-19, dated 07/07/2005 PROCEDURES FOR ELECTRONIC MANAGEMENT OF RULEMAKING AND OTHER DOCKETED RECORDS IN THE FEDERAL DOCKET MANAGEMENT

More information

I. U.S. Government Privacy Laws

I. U.S. Government Privacy Laws I. U.S. Government Privacy Laws A. Privacy Definitions and Principles a. Privacy Definitions i. Privacy and personally identifiable information (PII) b. Privacy Basics Definition of PII 1. Office of Management

More information

Purpose. Introduction to the Guidelines. Social Media Definition. http://www.ohioerc.org

Purpose. Introduction to the Guidelines. Social Media Definition. http://www.ohioerc.org http://www.ohioerc.org Purpose SOCIAL MEDIA: THE RECORDS MANAGEMENT CHALLENGE As society shifts from traditional methods of recordkeeping to electronic recordkeeping, the issues surrounding the management

More information

Privacy Recommendations for the Use of Cloud Computing by Federal Departments and Agencies. Privacy Committee Web 2.0/Cloud Computing Subcommittee

Privacy Recommendations for the Use of Cloud Computing by Federal Departments and Agencies. Privacy Committee Web 2.0/Cloud Computing Subcommittee Privacy Recommendations for the Use of Cloud Computing by Federal Departments and Agencies Privacy Committee Web 2.0/Cloud Computing Subcommittee August 2010 Introduction Good privacy practices are a key

More information

Allison Stanton, Director of E-Discovery U.S. Department of Justice, Civil Division. U.S. Department of Agriculture

Allison Stanton, Director of E-Discovery U.S. Department of Justice, Civil Division. U.S. Department of Agriculture Allison Stanton, Director of E-Discovery U.S. Department of Justice, Civil Division Benjamin Young, Assistant General Counsel U.S. Department of Agriculture 1 Disclaimer The views expressed in this presentation

More information

Preservation of Separated Personnel s Electronically Stored Information Subject to Litigation Holds

Preservation of Separated Personnel s Electronically Stored Information Subject to Litigation Holds Issued by the EPA Chief Information Officer, Pursuant to Delegation 1-19, dated July 07, 2005 Preservation of Separated Personnel s Electronically Stored Information Subject to Litigation Holds The United

More information

Interim Guidance 831-2. DATE: February 24, 2010

Interim Guidance 831-2. DATE: February 24, 2010 Interim Guidance 831-2 DATE: February 24, 2010 SUBJECT: Rules of Behavior for Using Web 2.0 and Social Media Web Sites and Responsibilities for Content Management TO: Departmental/Office Heads, Staff Directors,

More information

Privacy Best Practices for Social Media

Privacy Best Practices for Social Media July 2013 Table of Contents 1. Overview... 2 2. Types of Use of Social Media... 3 3. Establishing a Social Media Program... 7 4. Interacting with the Public... 8 5. Information Sharing and Retention...

More information

GAO SOCIAL MEDIA. Federal Agencies Need Policies and Procedures for Managing and Protecting Information They Access and Disseminate

GAO SOCIAL MEDIA. Federal Agencies Need Policies and Procedures for Managing and Protecting Information They Access and Disseminate GAO United States Government Accountability Office Report to Congressional Requesters June 2011 SOCIAL MEDIA Federal Agencies Need Policies and Procedures for Managing and Protecting Information They Access

More information

Department of the Interior Privacy Impact Assessment

Department of the Interior Privacy Impact Assessment Department of the Interior Name of Project: Facebook Bureau: Office of the Secretary Project s Unique ID (Exhibit 300): March 1, 2011 A. CONTACT INFORMATION: Departmental Privacy Office Office of the Chief

More information

Federal Trade Commission Privacy Impact Assessment. for the: Secure File Transfer System

Federal Trade Commission Privacy Impact Assessment. for the: Secure File Transfer System Federal Trade Commission Privacy Impact Assessment for the: Secure File Transfer System June 2011 1 System Overview The Federal Trade Commission (FTC, Commission or the agency) is an independent federal

More information

Cloud Computing Best Practices. Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service

Cloud Computing Best Practices. Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service Cloud Computing Best Practices Cloud Computing Best Practices Creating Effective Cloud Computing Contracts for the Federal Government: Best Practices for Acquiring IT as a Service Overview Cloud Computing

More information

Social Media In the Food Industry

Social Media In the Food Industry Social Media In the Food Industry Managing legal risk to avoid getting bitten Carolyn Elefant, LawOfficesofCarolynElefant.com February 5, 2013 Why social media in regulated industries is like alcohol at

More information

Department of Veterans Affairs VA Directive 6311 VA E-DISCOVERY

Department of Veterans Affairs VA Directive 6311 VA E-DISCOVERY Department of Veterans Affairs VA Directive 6311 Washington, DC 20420 Transmittal Sheet June 15, 2012 VA E-DISCOVERY 1. REASON FOR ISSUE: To establish policy concerning the care and handling of documents

More information

Department of the Interior Privacy Impact Assessment

Department of the Interior Privacy Impact Assessment Department of the Interior August 15, 2014 Name of Project: email Enterprise Records and Document Management System (eerdms) Bureau: Office of the Secretary Project s Unique ID: Not Applicable A. CONTACT

More information

NOTES SOCIAL MEDIA: ITS CHALLENGES AND OPPORTUNITIES. Cohasset Associates, Inc. 2014 Managing Electronic Records Conference 27.1

NOTES SOCIAL MEDIA: ITS CHALLENGES AND OPPORTUNITIES. Cohasset Associates, Inc. 2014 Managing Electronic Records Conference 27.1 SOCIAL MEDIA: ITS CHALLENGES AND OPPORTUNITIES Jonathan M. Redgrave, Redgrave LLP Rakesh Madhava, Nextpoint May 21, 2014 SOCIAL MEDIA: UBIQUITOUS & OMNIPRESENT SOCIAL MEDIA: INTERNAL 3 2014 Managing Electronic

More information

Department of Homeland Security Management Directives System MD Number: 4500.1 Issue Date: 03/01/2003 DHS E-MAIL USAGE

Department of Homeland Security Management Directives System MD Number: 4500.1 Issue Date: 03/01/2003 DHS E-MAIL USAGE Department of Homeland Security Management Directives System MD Number: 4500.1 Issue Date: 03/01/2003 DHS E-MAIL USAGE I. Purpose This directive establishes Department of Homeland Security (DHS) policy

More information

Privacy Impact Assessment

Privacy Impact Assessment MAY 24, 2012 Privacy Impact Assessment matters management system Contact Point: Claire Stapleton Chief Privacy Officer 1700 G Street, NW Washington, DC 20552 202-435-7220 claire.stapleton@cfpb.gov DOCUMENT

More information

5 FAM 790 USING SOCIAL MEDIA

5 FAM 790 USING SOCIAL MEDIA 5 FAM 791 SCOPE 5 FAM 790 USING SOCIAL MEDIA (Office of Origin: IRM/BMP/GRP) a. Social media consist of a variety of digital technologies that foster interaction among individuals who use the tools. Social

More information

DHS SharePoint and Collaboration Sites

DHS SharePoint and Collaboration Sites for the March 22, 2011 Robert Morningstar Information Systems Security Manager DHS Office of the Chief Information Officer/Enterprise Service Delivery Office (202) 447-0467 Reviewing Official Mary Ellen

More information

Department of Defense INSTRUCTION

Department of Defense INSTRUCTION Department of Defense INSTRUCTION NUMBER 8910.01 May 19, 2014 DoD CIO SUBJECT: Information Collection and Reporting References: See Enclosure 1 1. PURPOSE. This instruction: a. Reissues DoD Instruction

More information

CHAPTER 9 RECORDS MANAGEMENT (Revised April 18, 2006)

CHAPTER 9 RECORDS MANAGEMENT (Revised April 18, 2006) CHAPTER 9 RECORDS MANAGEMENT (Revised April 18, 2006) WHAT IS THE PURPOSE OF RECORDS MANAGEMENT? 1. To implement a cost-effective Department-wide program that provides for adequate and proper documentation

More information

CIO P 2106.2 GSA Social Media Handbook Date: 07/17/2009 Status.: Validated Outdated on: 07/17/2019

CIO P 2106.2 GSA Social Media Handbook Date: 07/17/2009 Status.: Validated Outdated on: 07/17/2019 CIO P 2106.2 GSA Social Media Handbook Date: 07/17/2009 Status.: Validated Outdated on: 07/17/2019 GENERAL SERVICES ADMINISTRATION Washington, DC 20405 CIO P 2106.2 July 17, 2009 GSA ORDER SUBJECT: GSA

More information

Outline of Session 12/2/2013. Social Media & Government Legal and Ethical Issues. Part 1 - Legal Issues More Questions than Answers?

Outline of Session 12/2/2013. Social Media & Government Legal and Ethical Issues. Part 1 - Legal Issues More Questions than Answers? Social Media & Government Legal and Ethical Issues Indiana Legal & Ethics Conference December 4, 2013 Presented by: Julie A. Tappendorf Ancel Glink, Chicago Outline of Session Part 1 Legal Issues with

More information

April 4, 2012. Frequently Asked Questions Regarding Social Media and the Hatch Act 1

April 4, 2012. Frequently Asked Questions Regarding Social Media and the Hatch Act 1 U.S. OFFICE OF SPECIAL COUNSEL 1730 M Street, N.W., Suite 218 Washington, D.C. 20036-4505 202-254-3600 April 4, 2012 Frequently Asked Questions Regarding Social Media and the Hatch Act 1 In light of the

More information

Allison Stanton Director of E-Discovery U.S. Department of Justice, Civil Division

Allison Stanton Director of E-Discovery U.S. Department of Justice, Civil Division Allison Stanton Director of E-Discovery U.S. Department of Justice, Civil Division Jason R. Baron Director of Litigation National Archives and Records Administration 1 Overview Cloud Computing Defined

More information

DEPARTMENT OF THE INTERIOR. Privacy Impact Assessment Guide. Departmental Privacy Office Office of the Chief Information Officer

DEPARTMENT OF THE INTERIOR. Privacy Impact Assessment Guide. Departmental Privacy Office Office of the Chief Information Officer DEPARTMENT OF THE INTERIOR Privacy Impact Assessment Guide Departmental Privacy Office Office of the Chief Information Officer September 30, 2014 Table of Contents INTRODUCTION... 1 Section 1.0 - What

More information

Federal Trade Commission Privacy Impact Assessment for:

Federal Trade Commission Privacy Impact Assessment for: Federal Trade Commission Privacy Impact Assessment for: DCBE Websites and Blogs Consumer.ftc.gov, Consumidor.ftc.gov, OnGuardOnline, AlertaenLinea, Consumer.gov, Consumidor.gov and the BCP Business Center

More information

This Instruction implements Department of Homeland Security (DHS) Directive 110-01, Privacy Policy for Operational Use of Social Media.

This Instruction implements Department of Homeland Security (DHS) Directive 110-01, Privacy Policy for Operational Use of Social Media. I. Purpose Department of Homeland Security DHS Directives System Instruction Number: 110-01-001 Revision Number: 00 Issue Date: 6/8/2012 PRIVACY POLICY FOR OPERATIONAL USE OF SOCIAL MEDIA This Instruction

More information

Federal Trade Commission Privacy Impact Assessment. Conference Room Scheduling PIA

Federal Trade Commission Privacy Impact Assessment. Conference Room Scheduling PIA Federal Trade Commission Privacy Impact Assessment Conference Room Scheduling PIA July 2014 1. System Overview The Federal Trade Commission (FTC) uses conference spaces in various FTC facilities and FTC-leased

More information

FHFA. Privacy Impact Assessment Template FM: SYSTEMS (SYSTEM NAME)

FHFA. Privacy Impact Assessment Template FM: SYSTEMS (SYSTEM NAME) FHFA Privacy Impact Assessment Template FM: SYSTEMS (SYSTEM NAME) This template is used when the Chief Privacy Officer determines that the system contains Personally Identifiable Information and a more

More information

The Importance of Information Governance and Risk Management

The Importance of Information Governance and Risk Management Information Governance what it is and how it relates to your customers Julie J. Colgan, IGP, CRM 2015 PRISM Annual Conference How much of the world s data was created in the last 2 years? 30% 50% 70% 90%

More information

Records Management. Training 101

Records Management. Training 101 Records Management Training 101 Learning Objectives This training is designed to help you: Understand the importance of Records Management and why records are maintained Understand your RM responsibilities

More information

GAO ELECTRONIC GOVERNMENT ACT. Agencies Have Implemented Most Provisions, but Key Areas of Attention Remain

GAO ELECTRONIC GOVERNMENT ACT. Agencies Have Implemented Most Provisions, but Key Areas of Attention Remain GAO United States Government Accountability Office Report to the Committee on Homeland Security and Governmental Affairs, U.S. Senate September 2012 ELECTRONIC GOVERNMENT ACT Agencies Have Implemented

More information

Privacy Impact Assessment. for. Social Media Websites and Applications. Date: May 2011. Point of Contact: Kristen Lefevre

Privacy Impact Assessment. for. Social Media Websites and Applications. Date: May 2011. Point of Contact: Kristen Lefevre Privacy Impact Assessment for Social Media Websites and Applications Date: May 2011 Point of Contact: Kristen Lefevre System Owner: Privacy Safeguards Division, PIRMS Office of Management U.S. Department

More information

The Cloud Seen from the U.S.A.

The Cloud Seen from the U.S.A. The Cloud Seen from the U.S.A. Stephen R. Bell, Counselor to the U.S. Coordinator, International Communications and Information Policy, U.S. Department of State OUTLINE Commercial drivers of Cloud services

More information

EPA Classification No.: CIO 2155-P-3.0 CIO Approval Date: 04/04/2014 CIO Transmittal No.: 13-011 Review Date: 04/04/2017

EPA Classification No.: CIO 2155-P-3.0 CIO Approval Date: 04/04/2014 CIO Transmittal No.: 13-011 Review Date: 04/04/2017 EPA Classification No.: CIO 2155-P-3.0 CIO Approval Date: 04/04/2014 CIO Transmittal No.: 13-011 Review Date: 04/04/2017 Collection and Retention Procedures for Electronically Stored Information (ESI)

More information

PBGC-19: Office of General Counsel Case Management System

PBGC-19: Office of General Counsel Case Management System PBGC-19: Office of General Counsel Case Management System Excerpted from Federal Register: Sept. 9, 2014 (Volume 79, Number 174) General Routine Uses System Name: Office of General Counsel Case Management

More information

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT PRIVACY IMPACT ASSESSMENT Once the Privacy Impact Assessment is completed and the signature approval page is signed, please submit an electronic copy and hard copy with original signatures of the PIA to

More information

REMEDY Enterprise Services Management System

REMEDY Enterprise Services Management System for the Enterprise Services Management System April 28, 2016 Contact Point Marshall Nolan Border Enforcement and Management Systems Division Office of Information Technology U.S. Customs & Border Protection

More information

DEPARTMENT OF DEFENSE Defense Commissary Agency Fort Lee, VA 23801-1800 DIRECTIVE. Social Media

DEPARTMENT OF DEFENSE Defense Commissary Agency Fort Lee, VA 23801-1800 DIRECTIVE. Social Media DEPARTMENT OF DEFENSE Defense Commissary Agency Fort Lee, VA 23801-1800 DIRECTIVE Social Media DeCAD 100-04 Corporate Communication Directorate OPR: DeCA/BEC References: See Enclosure 1 1. PURPOSE. This

More information

Cloud 2 General Support System

Cloud 2 General Support System PRIVACY IMPACT ASSESSMENT SEPTEMBER 4, 2015 Cloud 2 General Support System Does the CFPB use the information to benefit or make a determination about an individual? No. What is the purpose? Process specific

More information

**MT op» ^chv. Adapted Privacy Impact Assessment. Google Analytics. March 19, 2012. Contact

**MT op» ^chv. Adapted Privacy Impact Assessment. Google Analytics. March 19, 2012. Contact **MT op» ^chv March 19, 2012 Contact Departmental Privacy Office U.S. Department of the Interior 1849 C Street NW Mail Stop MIB-7456 Washington, DC 20240 202-208-1605 DOI_Privacy@ios.doi.gov ^ March 19,2012

More information

Federal Trade Commission Privacy Impact Assessment

Federal Trade Commission Privacy Impact Assessment Federal Trade Commission Privacy Impact Assessment for the: StenTrack Database System September, 2011 1 System Overview The Federal Trade Commission (FTC) protects America s consumers. As part of its work

More information

BEST PRACTICE GUIDELINES FOR LEGAL INFORMATION WEB SITE PROVIDERS

BEST PRACTICE GUIDELINES FOR LEGAL INFORMATION WEB SITE PROVIDERS BEST PRACTICE GUIDELINES FOR LEGAL INFORMATION WEB SITE PROVIDERS Best Practice Guidelines Adoption: Guidelines were adopted by the ABA House of Delegates in February 2003 Purpose: To provide users with

More information

FLORIDA FAMILY LAW: SOCIAL MEDIA & E-DISCOVERY. Christopher.Hopkins@Akerman.com

FLORIDA FAMILY LAW: SOCIAL MEDIA & E-DISCOVERY. Christopher.Hopkins@Akerman.com FLORIDA FAMILY LAW: SOCIAL MEDIA & E-DISCOVERY Christopher.Hopkins@Akerman.com Christopher B. Hopkins Lawyer, Mediator, Arbitrator & iphone App Developer Christopher.Hopkins@Akerman.com Handouts 1. Defendants

More information

Third Party Application Privacy Impact Assessment

Third Party Application Privacy Impact Assessment Third Party Application Privacy Impact Assessment Department of State Privacy Coordinator Sheryl Walter Bureau of Administration Global Information Services Office of Information Programs and Services

More information

United States Department of the Interior

United States Department of the Interior United States Department of the Interior NATIONAL PARK SERVICE 1849 C Street, N.W. Washington, D.C. 20240 DIRECTOR'S ORDER #lld: RECORDS AND ELECTRONIC INFORMATION MANAGEMENT Effective Date: \ Duration:

More information

Faith M. Heikkila, ABD, CIPP Regional Security Services Manager MI InfraGard Board Member

Faith M. Heikkila, ABD, CIPP Regional Security Services Manager MI InfraGard Board Member e-discovery Mitigating Security Impacts Faith M. Heikkila, ABD, CIPP Regional Security Services Manager MI InfraGard Board Member Credentials Information security consultant Pivot Group Michigan InfraGard

More information

Records Management Policy. EPA Classification No.: CIO 2155.3 CIO Approval Date: 02/10/2015. CIO Transmittal No.: 15-005 Review Date: 02/10/2018

Records Management Policy. EPA Classification No.: CIO 2155.3 CIO Approval Date: 02/10/2015. CIO Transmittal No.: 15-005 Review Date: 02/10/2018 INFORMATION POLICY Records Management Policy Issued by the EPA Chief Information Officer, Pursuant to Delegation 1-19, dated 07/07/2005 Records Management Policy 1. PURPOSE To advance a focus on overall

More information

Washington State Archives Electronic Records Management: Improving Your Outlook

Washington State Archives Electronic Records Management: Improving Your Outlook Washington State Archives Electronic Records Management: Improving Your Outlook Presented by: Leslie Koziara, CRM, ERMP Electronic Records Management Consultant leslie.koziara@sos.wa.gov 360-586-4893 Overview

More information

LITIGATION SUPPORT SYSTEM (SYSTEM NAME)

LITIGATION SUPPORT SYSTEM (SYSTEM NAME) Privacy Impact Assessment Form LITIGATION SUPPORT SYSTEM (SYSTEM NAME) This template is used when the Chief Privacy Officer determines that the system contains Personally Identifiable Information and a

More information

ANNUAL PRIVACY REPORT

ANNUAL PRIVACY REPORT THE CHIEF PRIVACY AND CIVIL LIBERTIES OFFICER AND THE OFFICE OF PRIVACY AND CIVIL LIBERTIES ANNUAL PRIVACY REPORT JANUARY 1, 2012-SEPTEMBER 30, 2013 United States Department of Justice Message from the

More information

Immigration and Customs Enforcement Forensic Analysis of Electronic Media

Immigration and Customs Enforcement Forensic Analysis of Electronic Media for the Immigration and Customs Enforcement Forensic Analysis of Electronic Media DHS/ICE/PIA-042 May 11, 2015 Contact Point Peter T. Edge Executive Assistant Director Homeland Security Investigations

More information

SOCIAL MEDIA IN PERSONAL INJURY LAW

SOCIAL MEDIA IN PERSONAL INJURY LAW David K. Inscho Kline and Specter, P.C. SOCIAL MEDIA IN PERSONAL INJURY LAW The Internet isn t written in pencil Mark Social Media Issues Discovery of Social Media Social Media in Investigation Social

More information

FedRAMP Standard Contract Language

FedRAMP Standard Contract Language FedRAMP Standard Contract Language FedRAMP has developed a security contract clause template to assist federal agencies in procuring cloud-based services. This template should be reviewed by a Federal

More information

U.S. Department of Labor Digital Government Strategy (DGS) Milestone #6.3 Improving Digital Services

U.S. Department of Labor Digital Government Strategy (DGS) Milestone #6.3 Improving Digital Services U.S. Department of Labor Digital Government Strategy (DGS) Milestone #6.3 Improving Digital Services Introduction Last Updated: May 22, 2013 This document summarizes the U.S. Department of Labor s (DOL)

More information

Federal Trade Commission Privacy Impact Assessment. Electronic Discovery Support System

Federal Trade Commission Privacy Impact Assessment. Electronic Discovery Support System Federal Trade Commission Privacy Impact Assessment Electronic Discovery Support System November 2013 1 1 Introduction The Federal Trade Commission (FTC or Commission) works to prevent business practices

More information

PRIVACY IMPACT ASSESSMENT TEMPLATE

PRIVACY IMPACT ASSESSMENT TEMPLATE PRIVACY IMPACT ASSESSMENT TEMPLATE Name of System/Application: TeamMate Automated Audit Documentation System Program Office: Office of Inspector General Once the Privacy Impact Assessment is completed

More information

FINRA Regulatory Notice 08-71: Reporting Requirements

FINRA Regulatory Notice 08-71: Reporting Requirements VIA ELECTRONIC MAIL Marcia E. Asquith Office of the Corporate Secretary FINRA 1735 K Street, NW Washington, DC 20006-1500 RE: FINRA Regulatory Notice 08-71: Reporting Requirements Dear Ms. Asquith: On

More information

UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET. 1283 Data Administration and Management (Public)

UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET. 1283 Data Administration and Management (Public) Form 1221-2 (June 1969) Subject UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET 1283 Data Administration and Management (Public) Release 1-1742 Date 7/10/2012

More information

Records Management Implications of Implementing Social Media Tools: Thoughts From the Archivists Legal Counsel

Records Management Implications of Implementing Social Media Tools: Thoughts From the Archivists Legal Counsel Records Management Implications of Implementing Social Media Tools: Thoughts From the Archivists Legal Counsel RACO 2009 Ronald Reagan Building, Washington, D.C. March 5, 2009 Jason R. Baron Director of

More information

2015 NMSBA SCHOOL LAW CONFERENCE

2015 NMSBA SCHOOL LAW CONFERENCE 2015 NMSBA SCHOOL LAW CONFERENCE NETWORK SECURITY, DISTRICT POLICIES ON INTERNET USE, AND THE LAW Andrew M. Sanchez David A. Richter Cuddy & McCarthy, LLP 1 FEDERAL LAWS The Family Educational Rights and

More information

Office of Audits Report No. AUD-11-014. The FDIC s Privacy Program 2011

Office of Audits Report No. AUD-11-014. The FDIC s Privacy Program 2011 Office of Audits Report No. AUD-11-014 The FDIC s Privacy Program 2011 September 2011 Executive Summary The FDIC s Privacy Program 2011 Report No. AUD-11-014 September 2011 Why We Did The Audit The FDIC

More information

LEGISLATIVE DEPARTMENT POLICY

LEGISLATIVE DEPARTMENT POLICY LEGISLATIVE DEPARTMENT POLICY Effective Date: Replaces: Refers also to: Public Records Act RCW 42.56; Public Documents, Records and Publications RCW 40.14; Open Public Meetings Act RCW 42.30; SMC 3.42.020,

More information

OFFICE OF THE INSPECTOR GENERAL SOCIAL SECURITY ADMINISTRATION

OFFICE OF THE INSPECTOR GENERAL SOCIAL SECURITY ADMINISTRATION OFFICE OF THE INSPECTOR GENERAL SOCIAL SECURITY ADMINISTRATION CONTRACTOR SECURITY OF THE SOCIAL SECURITY ADMINISTRATION S HOMELAND SECURITY PRESIDENTIAL DIRECTIVE 12 CREDENTIALS June 2012 A-14-11-11106

More information

General Support System

General Support System PRIVACY IMPACT ASSESSMENT JUNE 30, 2015 General Support System Does the CFPB use the information to benefit or make a determination about an individual? No. What is the purpose? Store and Transmit all

More information

How To Manage Records In A Cloud

How To Manage Records In A Cloud Retention & Disposition of Records Residing in a Public Cloud: A Risk Management Approach Patricia C. Franks, PhD, IGP, CA, CRM International Symposium October 17, 2014 to mitigate risk Not all information

More information

OUTLINE AND OBJECTIVES

OUTLINE AND OBJECTIVES BYOD in the Federal Workplace: Privacy Considerations and Case Studies Moderator: Alex Tang, Attorney, Office of General Counsel, Federal Trade Commission (FTC) Panelists: Kimberly Hancher, Chief Information

More information

Games Cloud Vendors Play

Games Cloud Vendors Play International Municipal Lawyers Association, 2012 Mid Year Seminar, Washington, DC. Ethics Section Workshop 10:30 am 11:30 am, Sunday, April 22, 2012 Games Cloud Vendors Play From City of Los Angeles Agreement

More information

Privacy Impact Assessment

Privacy Impact Assessment AUGUST 16, 2013 Privacy Impact Assessment CIVIL PENALTY FUND AND BUREAU-ADMINISTERED REDRESS PROGRAM Contact Point: Claire Stapleton Chief Privacy Officer 1700 G Street, NW Washington, DC 20552 202-435-7220

More information

October 27, 2010. The Honorable John Berry Director Office of Personnel Management 1900 E Street, NW Washington, DC 20415. Dear Director Berry:

October 27, 2010. The Honorable John Berry Director Office of Personnel Management 1900 E Street, NW Washington, DC 20415. Dear Director Berry: October 27, 2010 The Honorable John Berry Director Office of Personnel Management 1900 E Street, NW Washington, DC 20415 Dear Director Berry: We are writing to express our concerns about the Health Claims

More information

Privacy Impact Assessment

Privacy Impact Assessment Privacy Impact Assessment For: Education Investigative Tracking System (EDITS) Date: April 10, 2013 Point of Contact: Hui Yang System Owner: Wanda A. Scott Author: William Hamel Office of Inspector General

More information

DoD Pathway to the Cloud

DoD Pathway to the Cloud Headquarters U.S. Air Force DoD Pathway to the Cloud Jodi Cramer AF/JAA 1 5/30/14 Desktops Application Tablets Monitoring Content Collaboration Platform Messaging Identity Database Runtime Infrastructure

More information

April 7, 2010 MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES, AND INDEPENDENT REGULATORY AGENCIES

April 7, 2010 MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES, AND INDEPENDENT REGULATORY AGENCIES EXECUTIVE OFFICE OF THE PRESIDENT OFFICE OF MANAGEMENT AND BUDGET WASHINGTON, D.C. 20503 ADMINISTRATOR OFFICE OF INFORMATION AND REGULATORY AFFAIRS April 7, 2010 MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS

More information

County of Orange County Executive Office Information and Technology PURPOSE. County Social Media Use Policy and Procedure SOCIAL MEDIA USE

County of Orange County Executive Office Information and Technology PURPOSE. County Social Media Use Policy and Procedure SOCIAL MEDIA USE County of Orange County Executive Office Information and Technology PURPOSE SOCIAL MEDIA USE County Social Media Use Policy and Procedure Subject: Number: County Social Media Use Policy SM-001 Approved

More information

Office of Inspector General Audit Report

Office of Inspector General Audit Report Office of Inspector General Audit Report DOT LACKS AN EFFECTIVE PROCESS FOR ITS TRANSITION TO CLOUD COMPUTING Department of Transportation Report Number: FI-2015-047 Date Issued: June 16, 2015 U.S. Department

More information

INFORMATION PROCEDURE

INFORMATION PROCEDURE INFORMATION PROCEDURE Managing Social Media Records EPA Classification.: CIO 2155-P-06.0 CIO Approval Date: 06/12/2015 CIO Transmittal.: 15-006 Review Date: 06/12/2018 Issued by the EPA Chief Information

More information

Social Media Marketing Disclosure Guide

Social Media Marketing Disclosure Guide Social Media Marketing Disclosure Guide WOMMA August 2012 The WOMMA Guide to Disclosure in Social Media Marketing The WOMMA Ethics Code is the cornerstone for prudent practices in the WOM industry. In

More information

TITLE III INFORMATION SECURITY

TITLE III INFORMATION SECURITY H. R. 2458 48 (1) maximize the degree to which unclassified geographic information from various sources can be made electronically compatible and accessible; and (2) promote the development of interoperable

More information

Corporate Property Automated Information System CPAIS. Privacy Impact Assessment

Corporate Property Automated Information System CPAIS. Privacy Impact Assessment Corporate Property Automated Information System CPAIS Privacy Impact Assessment May 2003 CONTENTS Background...3 Access to the Data...5 Maintenance of Administrative Controls...9 1 Introduction The Office

More information

RESEARCH BRIEF vol 04 CROWDSOURCING, CITIZEN SCIENCE, AND THE LAW: LEGAL ISSUES AFFECTING FEDERAL AGENCIES ROBERT GELLMAN

RESEARCH BRIEF vol 04 CROWDSOURCING, CITIZEN SCIENCE, AND THE LAW: LEGAL ISSUES AFFECTING FEDERAL AGENCIES ROBERT GELLMAN RESEARCH BRIEF vol 04 CROWDSOURCING, CITIZEN SCIENCE, AND THE LAW: LEGAL ISSUES AFFECTING FEDERAL AGENCIES ROBERT GELLMAN CROWDSOURCING, CITIZEN SCIENCE, AND THE LAW: LEGAL ISSUES AFFECTING FEDERAL AGENCIES

More information

Federal Trade Commission Privacy Impact Assessment. for the: Analytics Consulting LLC Claims Management System and Online Claim Submission Website

Federal Trade Commission Privacy Impact Assessment. for the: Analytics Consulting LLC Claims Management System and Online Claim Submission Website Federal Trade Commission Privacy Impact Assessment for the: Analytics Consulting LLC Claims Management System and Online Claim Submission Website January 2015 Page 1 of 14 1 System Overview The Federal

More information

Federal Trade Commission Privacy Impact Assessment for:

Federal Trade Commission Privacy Impact Assessment for: Federal Trade Commission Privacy Impact Assessment for: DCBE Websites and Blogs Consumer.ftc.gov, Consumidor.ftc.gov, OnGuardOnline, AlertaenLinea, Consumer.gov, Consumidor.gov and the BCP Business Center

More information

Legal Environment for Federal BYOD

Legal Environment for Federal BYOD Legal Environment for Federal BYOD AMARC Workshop: Developing a BYOD Framework Federal Mobile Computing Summit (Washington, DC) Thursday, March 6, 2014, 9am-12pm Alex Tang, Attorney Office of General Counsel,

More information

Android Developer Applications

Android Developer Applications Android Developer Applications January 31, 2013 Contact Departmental Privacy Office U.S. Department of the Interior 1849 C Street NW Mail Stop MIB-7456 Washington, DC 20240 202-208-1605 DOI_Privacy@ios.doi.gov

More information

Privacy Impact Assessment. For. Financial Management System (FMS) Date: January 6, 2011. Point of Contact: System Owner: Author:

Privacy Impact Assessment. For. Financial Management System (FMS) Date: January 6, 2011. Point of Contact: System Owner: Author: For Financial Management System (FMS) Date: January 6, 2011 Point of Contact: Daniel Dytang, 202-377-3431, Daniel.Dytang@ed.gov System Owner: Milton L. Thomas Jr., 202-377-3182, Milton.Thomas@ed.gov Author:

More information

Bonita Springs Estero Association of REALTORS Policy: Member s Use of Social Media in the Real Estate Business

Bonita Springs Estero Association of REALTORS Policy: Member s Use of Social Media in the Real Estate Business Bonita Springs Estero Association of REALTORS Policy: Member s Use of Social Media in the Real Estate Business As used in this policy Broker shall refer to the Broker. REALTOR or Agent shall mean a licensed

More information

A. SYSTEM DESCRIPTION

A. SYSTEM DESCRIPTION NOTE: The following reflects the information entered in the PIAMS website. A. SYSTEM DESCRIPTION Authority: Office of Management Budget (OMB) Memorandum (M) 03-22, OMB Guidance for Implementing the Privacy

More information

Audit Report. The Social Security Administration s Management of Electronic Message Records

Audit Report. The Social Security Administration s Management of Electronic Message Records Audit Report The Social Security Administration s Management of Electronic Message Records A-14-15-25025 February 2016 MEMORANDUM Date: February 19, 2016 Refer To: To: From: The Commissioner Inspector

More information

Privacy Impact Assessment. For Education s Central Automated Processing System (EDCAPS) Date: October 29, 2014

Privacy Impact Assessment. For Education s Central Automated Processing System (EDCAPS) Date: October 29, 2014 For Education s Central Automated Processing System (EDCAPS) Date: October 29, 2014 Point of Contact and Author: D Mekka Thompson DMekka.Thompson@ed.gov System Owner: Greg Robison Greg.Robison@ed.gov Office

More information

U.S. OFFICE OF PERSONNEL MANAGEMENT OFFICE OF THE INSPECTOR GENERAL OFFICE OF AUDITS. Final Audit Report

U.S. OFFICE OF PERSONNEL MANAGEMENT OFFICE OF THE INSPECTOR GENERAL OFFICE OF AUDITS. Final Audit Report U.S. OFFICE OF PERSONNEL MANAGEMENT OFFICE OF THE INSPECTOR GENERAL OFFICE OF AUDITS Final Audit Report Audit of the Information Technology Security Controls of the U.S. Office of Personnel Management

More information

DATA BREACH POLICY IMPLENTATION GUIDE

DATA BREACH POLICY IMPLENTATION GUIDE DATA BREACH POLICY IMPLENTATION GUIDE OCTOBER 15, 2007 1 Data Breach Policy Implementation Guide Purpose The response to any breach of personally identifiable information (PII) can have a critical impact

More information

Information Security Program CHARTER

Information Security Program CHARTER State of Louisiana Information Security Program CHARTER Date Published: 12, 09, 2015 Contents Executive Sponsors... 3 Program Owner... 3 Introduction... 4 Statewide Information Security Strategy... 4 Information

More information

HIPAA PRIVACY AND SECURITY AWARENESS. Covering Kids and Families of Indiana April 10, 2014

HIPAA PRIVACY AND SECURITY AWARENESS. Covering Kids and Families of Indiana April 10, 2014 HIPAA PRIVACY AND SECURITY AWARENESS Covering Kids and Families of Indiana April 10, 2014 GOALS AND OBJECTIVES The goal is to provide information to you to promote personal responsibility and behaviors

More information