Proposal seeks to protect agencies' private information

With a blended workforce and the need to share more sensitive information across boundaries, the Obama administration wants contractors to know how to protect an agency’s information and to take their obligation seriously.

Contractors would have to complete training that addresses the privacy protections in the law and how to handle and safeguard of personally identifiable information, according to a proposed rule published in the Federal Register Oct. 14.

Officials are taking comments through Dec. 13.


Related stories:

Executive order puts information sharing in the spotlight

Experts see more openness to being open with info


Federal officials want to ensure that contractors identify their employees who require access to government’s record systems and handle the sensitive information, or even design and operate a record system.

Contractors would have to complete training initially upon award of the contract and at least annually from there.

The minimum training must address:

  • Protecting privacy.
  • Authorized and official use of a government system of records.
  • Handling and safeguarding PII.
  • Restrictions on the use of personally-owned equipment to access or store PII.
  • Prohibition against access by unauthorized users.
  • Procedures to notify officials of a breach in order to minimize risk and to ensure prompt actions.
  • Any agency-specific privacy training requirements.

Agencies would have to provide contractors with the privacy training materials. Contractors would have to keep record their employees who have completed the training.

Agencies often have their own training, but these requirements give some consistency throughout the government, the notice states.

Information sharing has become extremely important since the Sept. 11, 2011, terrorist attacks, experts and officials say. But there are complications to sharing.

Wikileaks, which disclosed sensitive and classified U.S. documents, exposed the risks of what might be called over sharing, without necessary safeguards, said Sen. Joe Lieberman (I-Conn.), chairman of the Homeland Security and Governmental Affairs Committee.

“New communications technologies have made it more difficult to ensure that critical information is retained for appropriate use by law enforcement. And of course we have to ensure that information is shared in a way that adequately protects the privacy and civil liberties of our citizens,” he said during a hearing on Oct. 12 that looked as the changes in information sharing since the terrorist attacks.

On Oct. 7, President Barack Obama issued an executive order that set guidelines for federal information sharing, including an expansion of the Information Sharing Environment, an official governmentwide policy that enhances the ability to share terror-related data.

Thomas McNamara, program manager for the ISE from 2006 until 2009, told Lieberman’s committee that program mangers’ most important job is ensuring all users in the ISE observe the rules. The past five years have produced a viable, replicable methodology to monitor and oversee policies of privacy rights and civil liberties.

“Without it, support for the ISE will wither and die,” he said.

About the Author

Matthew Weigelt is a freelance journalist who writes about acquisition and procurement.

Featured

  • Management
    shutterstock image By enzozo; photo ID: 319763930

    Where does the TMF Board go from here?

    With a $1 billion cash infusion, relaxed repayment guidelines and a surge in proposals from federal agencies, questions have been raised about whether the board overseeing the Technology Modernization Fund has been scaled to cope with its newfound popularity.

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

Stay Connected