Skinner: DHS needs to shield personal information

The Homeland Security Department is not doing enough to protect personal identifying information within its computer systems, according to a new report from DHS Inspector General Richard L. Skinner.

Personal identifying information is any information that can be used to identify a person. It includes, for example, full name, telephone number, e-mail address, credit card numbers and date of birth.

While the department has performed draft assessments of privacy impacts and risks to most of its 699 systems, the final validations and approvals by the DHS Privacy Office are not yet complete, the report said.

Of the 699 computer systems within the department, 95 percent or more had been subjected to a security plan, security categorization and draft privacy threshold assessment as of September 2006, the report said. Eighty-five percent had completed a risk assessment.

But only 155 systems, or 23 percent, of those assessments and plans were validated by the privacy office as of that date. Of the 52 systems required to be covered by a Privacy Impact Assessment, only 20 of those assessments were approved as of September 2006, the inspector general said.

"Until DHS completes and validates the security documentation, privacy threshold assessments and privacy impact assessments for its systems and programs, the department lacks assurance that the risks associated with sensitive data and personal identifying information have been determined and appropriate security controls have been identified," the report said.

DHS also needs to complete encryptions of data on laptop computers and to strengthen protections of data during storage, and in transit, the 26-page report concludes.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

I agree to this site's Privacy Policy.