OMB reminds agencies to secure information

Office of Management and Budget's May 22 memo

The Office of Management and Budget re-emphasized agencies’ duty to protect personal information, in a memo released May 22, as concern grows over the Department of Veterans Affairs’ loss of the personally identifiable information — including Social Security numbers — of millions of veterans.

OMB directed agencies to review policies for safeguarding personal information and include the findings in their upcoming Federal Information Security Management Act reports due this fall.

A laptop computer with millions of veterans’ personal information was stolen last week from a VA employee’s home.

Clay Johnson, OMB’s deputy director for management, wants agencies to note any weaknesses in security plans and milestones required by FISMA. He is requiring agencies to remind employees within the next 30 days of their responsibilities for safeguarding sensitive information, the rules for acquiring and using the information and the penalties for violating the rules. He also told agencies to report all security incidents.

Johnson in the May 22 memo pointed out that OMB told agencies last year to appoint a senior agency official for privacy at the assistant-secretary level. All agencies have done so, according to the memo.

“Because federal agencies maintain significant amounts of information concerning individuals, we have a special duty to protect that information from loss and misuse,” Johnson wrote.

According to OMB’s Feb. 11, 2005, memo, the appointed privacy official would oversee and coordinate an agency’s efforts in compliance to privacy standards.

In the May 22 memo, Johnson advised agencies to review their policies and take appropriate action to install safeguards to avoid incidents such as the VA’s current situation. He directed them to address administrative, technical and physical means used by agencies to control information removal from agency premise.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.