U.S. Homeland Security Department reviews privacy policies
The U.S. Department of Homeland Security’s Privacy Office recently outlined policies in its recent year-end review.
The review revealed that the office is participating in the process to provide real-time capabilities to the National Cybersecurity and Communications Integration Center (NCCIC). The NCCIC serves as a 24/7 cyber monitoring, incident response, and management center and as a national point of cyber and communications incident integration.
The privacy office is working on a process to send and receive cyber threat indicators from government and private organizations vis-a-vis the center, according to the DHS review. The center functions under a mandate to prevent or minimize disruptions to critical information infrastructure in order to protect the public, the economy, and government services. The ultimate goal is to increase the security of critical networks. The integration center is DHS’s cyber awareness and incident response center, and is the nexus of cyber and communications integration for the government and law enforcement.
In the document, DHS also examined its privacy and security policies for government employees. The review revealed that DHS has drafted a policy to ensure that appropriate privacy protections are incorporated into mobile applications developed by or for the department.
The review also revealed that the Privacy Office partnered with the Screening Coordination Office at DHS to renegotiate biometrics-based information sharing agreements with the Department of Defense and the Department of Justice.
The Privacy Office provided advice on requirements for sharing consistent with systems of record notices and DHS privacy policies. DHS expects that these agreements will be completed during the next reporting period.