Federal Privacy Programs
In order to manage Federal information resources that involve personally identifiable information (PII), agencies are required to develop, implement, document, maintain, and oversee agency-wide privacy programs that include people, processes, and technologies. To ensure that agencies effectively carry out the privacy-related functions described in law and OMB policies, Executive Order 13719 requires the head of each agency to designate or re-designate a Senior Agency Official for Privacy (SAOP) who has agency-wide responsibility and accountability for the agency’s privacy program.
Among other things, where PII is involved, agencies’ privacy programs play a key role in information security, records management, strategic planning, budget and acquisition, contractors and third parties, workforce, training, incident response, and implementing the Risk Management Framework.
Moreover, agencies may consider establishing privacy programs and privacy officials at sub-agencies, components, or programs where there is a need for privacy leadership in support of the SAOP. In all cases, however, the SAOP retains responsibility and accountability for the agency’s privacy program, including privacy functions performed by officials at sub-agencies, components, or programs.
For a list of Federal laws related to privacy, visit the Law Library page
Executive Orders, Memoranda, and Directives
Tip: Section 6 requires that “[e]ach agency must maintain a central resource page dedicated to its privacy program on the agency’s principal website. The agency’s Privacy Program Page must serve as a central source for information about the agency’s practices with respect to PII. The agency’s Privacy Program Page must be located at [http://www.[agency].gov/privacy] and must be accessible through the agency’s “About” page.
Tip: See Appendix II, Section 5, Agency Privacy Program
Tip: See Appendix J, AR-1, Governance and Privacy Program (Apr. 2013)