Footnote 1:
Responses to Security-Related Questions Raised in OMB’s Fiscal Year 2005 Reporting Instructions for FISMA and Agency Privacy Management (Report No. 05-034), dated September 16, 2005; and Independent Evaluation of the FDIC’s Information Security Program-2005 (Report No. 05-040), scheduled for issuance on September 30, 2005.
Footnote 2:
OMB defines “information in an identifiable form” as information in a system or on-line collection that directly identifies an individual (e.g., name, address, social security number (SSN) or other identifying code, telephone number, e-mail address, etc.) or by which an agency intends to identify specific individuals in conjunction with other data elements.
Footnote 3:
This Act is division H of the Consolidated Appropriations Act, 2005, Public Law No. 108-447.
Footnote 4:
Such policy includes OMB Memorandums M-03-22, OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002, and M-05-08, Designation of Senior Agency Officials for Privacy.
Footnote 5:
Reports entitled, FDIC’s Privacy and Security Notices-Requirements and Policy Statements on the Internet and Intranet, dated May 19, 2000 (Report No. 00-004); FDIC’s Information Handling Practices for Sensitive Employee Data, dated October 11, 2000 (Report No. 00-006); and Control Over the Use and Protection of Social Security Numbers by Federal Agencies, dated February 14, 2003 (Report No. 03-012).