DHS to consolidate Systems of Records Notices

The Homeland Security Department’s Privacy Office plans to consolidate many of its System of Records Notices (SORNs) to ensure its information systems' privacy implications can be accurately assessed.

When many of the 22 agencies that comprise DHS were folded into the department in 2003, they brought legacy information technology systems and the Privacy Act-required notices for those systems. DHS’ privacy office has been working to review the department’s 200-plus legacy SORNs and consolidate many of them.

For example, the department announced its plans to consolidate the SORNs for a wide range of systems that manage department assets, payroll, personnel, accounts payable and receivable, as well as legal and contractor records. DHS announced the SORN consolidation plans through a series of notifications published in the Federal Register during October.

Agencies are required to publish notifications of new records systems or revisions to existing systems that fall under the Privacy Act. The Office of Management and Budget's Circular A-130 requires the agencies to review the notices every two years.

In a report last year, the Government Accountability Office said by not keeping the notices current, “DHS hinders the public’s ability to understand the nature of DHS systems-of-records notices and how their personal information is being used and protected.”

Hugo Teufel, DHS’ chief privacy officer, said his office has been addressing GAO’s concern by reviewing the legacy notices and consolidating some of them.

Teufel said it took his office months to go through the 200-plus legacy SORNs and assess which systems could be covered by DHS-wide notices and to draft new SORNs that apply to multiple systems across the department.

Teufel said when the consolidation process is complete, his office will have cut the number of SORNs from more than  200 to between 75 and 100.

“The great thing about this project is that it’s an example of how the 22 pieces of the department are coming together," he said.

About the Author

Ben Bain is a reporter for Federal Computer Week.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected