Federal IT systems, Web privacy policy issued

The Office of Management and Budget today instructed agencies to perform privacy assessments on all new IT systems and those that are undergoing major changes in an effort to better protect personal data collected by the federal government.

In a memo to agency executives, OMB director Joshua B. Bolten outlined how agencies should implement the privacy provisions detailed in the E-Government Act of 2002, which includes privacy assessments and Web site privacy statements. OMB has been working on this guidance for most of the last year.

The first round of privacy assessments for fiscal 2005 IT budget requests are due Friday, OMB said. Agencies worked on privacy assessments all summer after OMB required them in the budget instructions.

Bolten also asked agencies by Dec. 15 to develop plans to make Web site privacy policies machine-readable, which means the statement is in a computer language that can be automatically read by a Web browser.

"The privacy objective of the E-Government Act complements the National Strategy to Secure Cyberspace," Bolten said. "As the National Strategy indicates, cyberspace security programs that strengthen protections for privacy and other civil liberties, together with strong privacy policies and practices in the federal agencies, will ensure that information is handled in a manner that maximizes both privacy and security."

OMB said agencies must conduct the privacy analysis when developing or procuring IT systems that collect, maintain or disseminate information in an identifiable form from or about members of the public, or initiating a new electronic collection of information for 10 or more persons.

Agencies will not have to conduct assessments on government-run Web sites, on new or existing IT systems or collections of information where the data is not in an identifiable form, on systems with the purpose of providing feedback, national security systems and on systems where privacy has been addressed already, OMB said.

The memo also describes the content of the privacy assessment.

For their Web sites, OMB asked agencies to make sure they tell visitors:

  • When information collection is voluntary

  • How to grant consent for use of the personal data

  • Their rights under the Privacy Act and other laws.

  • OMB also will require agency Web sites to:

  • Disclose the nature of the information collected

  • The purpose and use of the information

  • Whether and with whom the information will be shared

  • The privacy safeguards applied to the information collected.

  • Jason Miller writes for Government Computer News.

    Reader Comments

    Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

    Please type the letters/numbers you see above

    What is your e-mail address?

    My e-mail address is:

    Do you have a password?

    Forgot your password? Click here


    • Dive into our Contract Award database

      In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

    • Navigating the trends and issues of 2016 Nick Wakeman

      In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

    contracts DB

    Washington Technology Daily

    Sign up for our newsletter.

    Terms and Privacy Policy consent

    I agree to this site's Privacy Policy.