Federal agencies are required to designate a Senior Agency Official for Privacy (SAOP) who has agency-wide responsibility and accountability for ensuring compliance with applicable privacy requirements and managing privacy risks. The SAOP is required to have a central policy-making role and is responsible for ensuring that the agency considers the privacy impact of all agency actions and policies that involve PII. The SAOP is responsible for ensuring that the agency complies with applicable privacy requirements in statute, regulation, and policy.
Related Laws, Policies, and Resources:
-
Executive Order 13719, Establishment of the Federal Privacy Council (February 9, 2016)
This Executive Order reinforces the principle that the proper functioning of Government requires the public’s trust, and to maintain that trust the Government must strive to uphold the highest standards for collecting, maintaining, and using personal data. Among other things, it requires the head of each Federal agency to designate a SAOP with the experience and skills necessary to manage an agency-wide privacy program.
-
OMB Circular A-130, Managing Information as a Strategic Resource (July 28, 2016)
This Circular establishes general policy for the planning, budgeting, governance, acquisition, and management of Federal information, personnel, equipment, funds, IT resources, and supporting infrastructure and services. Among other things, it assigns specific responsibilities to the SAOP associated with the management Federal information resources.
-
OMB Memorandum M-16-24, Role and Designation of Senior Agency Officials for Privacy (September 15, 2016)
This Memorandum revises policies on the role and designation of the SAOP. Among other things, it establishes requirements governing the designation and responsibilities of the SAOP.