Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Breach Response

It is critically important that Federal agencies remain vigilant and prepare for and understand how to respond to a breach in today's threat landscape. An agency's effective detection and expeditious response to a breach is important to reduce the risk of harm to potentially affected individuals and to keep the public's trust in the ability of the Federal Government to safeguard personally identifiable information (PII).

Related Laws, Policies, and Resources

  • Federal Information Security Modernization Act of 2014

    Among other things, the Federal Information Security Modernization Act of 2014 (FISMA) strengthens transparency and accountability, including by making important improvements to the way Federal data breaches are managed and reported to Congress and the public.

  • OMB Circular A-130, Managing Information as a Strategic Resource (July 28, 2016)

    This Circular establishes general policy for the planning, budgeting, governance, acquisition, and management of Federal information, personnel, equipment, funds, IT resources, and supporting infrastructure and services. It requires Federal agencies to develop and implement incident management policies and procedures, in accordance with OMB policies and NIST guidelines that address incident detection, response, and recovery.

  • OMB Memorandum M-20-04, Fiscal Year 2019-2020 Guidance on Federal Information Security and Privacy Management Requirements (November 19, 2019)

    Among other things, this Memorandum provides agencies with a definition and framework for assessing whether an incident is a major incident for purposes of the Congressional reporting requirements under FISMA. This memorandum also provides specific considerations for determining the circumstances under which a breach constitutes a major incident.

  • US-CERT Federal Incident Notification Guidelines (April 1, 2017)

    These guidelines provide guidance to Federal agencies on when to submit incident notifications to the National Cybersecurity and Communications Integration Center (NCCIC)/United States Computer Emergency Readiness Team (US-CERT).

  • OMB Memorandum M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information (January 3, 2017)

    This Memorandum sets forth the policy for Federal agencies to prepare for and respond to a breach of PII. It includes a framework for assessing and mitigating the risk of harm to individuals potentially affected by a breach, as well as guidance on whether and how to provide notification and services to those individuals.