ABOUT THE OFFICE
Authorities
OMB GUIDANCE
- OMB M-10-23, "Guidance for Agency Use of Third-Party Websites and Applications", June 25, 2010
- OMB M-10-22, "Guidance for Online Use of Web Measurement and Customization Technologies", June 25, 2010
- OMB M-07-16, "Safeguarding Against and Responding to the Breach of Personally Identifiable Information", May 22, 2007
- OMB M-03-22, OMB "Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002", September 26, 2003
- This guidance replaces and modifies:
- OMB M-00-13, "Privacy Policies and Data Collection on Federal Web Sites", June 22, 2000
- OMB M-99-18, "Privacy Policies on Federal Web Sites", June 2, 1999
- OMB M-99-05, "Instructions on Complying with President's Memorandum of May 14, 1998 'Privacy and Personal Information in Federal Records'", January 7, 1999
- OMB M-01-05, "Guidance on Inter-Agency Sharing of Personal Data-Protecting Personal Privacy", December 20, 2000
- OMB Circular A-130, Revised, Transmittal No. 4
- Federal Register Notice Volume 56, Number 78, "Proposed Guidance on the Computer Matching and Privacy Protection Amendments of 1990", April 23, 1991
- Federal Register Notice Volume 54, Number 116, "Final Guidance Interpreting the Provisions of Public Law 100-503, the Computer Matching and Privacy Protection Act of 1988", June 19, 1989
- Federal Register Notice Volume 52, Number 75, "Guidance on Privacy Act Implications of 'Call Detail' Programs", April 20, 1987
- OMB Memorandum, "Privacy Act Guidance - Update", May 24, 1985
- Federal Register Notice Volume 48, Number 70, "Guidelines on the Relationship of the Debt Collection Act of 1982 to the Privacy Act of 1974", March 30, 1983
- Federal Register Notice Volume 40, Number 234, "Supplementary Guidance", December 4, 1975
- Federal Register Notice Volume 40, Number 132, "Guidance and Responsibilities", July 9, 1975
DoD ISSUANCES
- DoDD 5400.11, "DoD Privacy Program", May 8, 2007 Incorporating Change 1, September 1, 2011
- DoD 5400.11-R, "Department of Defense Privacy Program",
May 14, 2007
Policy Memos:
- DA&M Memorandum, "Use of Best Judgement for Indiviual Personally Identifiable Information (PII) Breach Notification Determinations", August 2, 2012
- DPCLO Memorandum, "Explanation of Memorandum, 'Social Security Numbers (SSN) Exposed on Public Facing and Open Government Websites'", November 30, 2010
- DA&M Memorandum, "Social Security Numbers (SSN) Exposed on Public Facing and Open Government Websites", November 23, 2010
- USD(P&R) Memorandum, "Updated Plan for the Removal of Social Security Numbers (SSNs) from DoD ID Cards", November 5, 2010
- DA&M Memorandum, "Safeguarding Against and Responding to the Breach of Personally Identifiable Information", June 05, 2009
- CIO Memorandum, "Protection of Controlled Unclassified Information on DoD Information System Connected to the Internet", September 22, 2008
- DTM 07-015-USD(P&R), "DoD Social Security Number (SSN) Reduction Plan", August 1, 2012
- DA&M Memorandum, "Appointment of a Senior Official for Privacy and Issuance of Revised Privacy Program Compliance Reporting Requirements", February 7, 2008
- CIO Memorandum, "Encryption of Sensitive Unclassified Data at Rest on Mobile Computing Devices and Removable Storage Media", July 03, 2007
- CIO Memorandum, "Department of Defense (DoD) Guidance on Protecting Personally Identifiable Information (PII)", August 18, 2006
Policy and Guidance:
Below is a listing of DoD policy and guidance and the corresponding OMB memoranda requirements to which it responds.
- CIO Memorandum "Encryption of Sensitive Unclassified Data at Rest on Mobile Computing Devices and Removable Storage Media", Jul 3, 2007:
- ■ OMB M-06-15
- ■ OMB M-06-16
- CIO Memorandum "DoD Guidance on Protecting Personally Identifiable Information", Aug 18, 2006:
- ■ OMB M-06-15
- ■ OMB M-06-16
- ■ OMB M-06-19
- ■ OMB M-07-16
- DoD 5400.11-R "DoD Privacy Program" May 14, 2007:
- ■ OMB M-05-08
- ■ OMB M-06-15
- ■ OMB M-06-19
- ■ OMB Memo, Sep 20, 2006
- ■ OMB M-07-16
DPCLO GUIDANCE
Defense Privacy Board Advisory Opinions
The advisory opinions are issued by the Defense Privacy Board regarding matters impacting on the Defense Privacy Program. The opinions, which are initially considered and formulated by the Defense Privacy Board Legal Committee, address issues of common or mutual Department-wide interest or concern and serve to promote uniform and consistent policies among the DoD Components in implementation of the Privacy Program. All opinions are subject to approval by the General Counsel, Department of Defense.
- Providing Wage And Earning Statements (W-2 Forms) Of Military Personnel To State And Local Taxing Authorities
- Privacy Rights And Deceased Persons
- Disclosure Of Records From A System Of Records To The Next Of Kin Of Persons Missing In Action Or Otherwise Unaccounted For
- Corrections Of Military Records Under The Privacy Act
- Applicability Of The Privacy Act To National Guard Records
- Assessing Fees To Members Of Congress For Furnishing Records Which Are Subject To The Privacy Act
- Disclosure Of Home Of Record To Members Of Congress
- Accounting For Disclosures Of Records Through Military Legislative Liaison Channels
- The Privacy Act And Minors
- Disclosure Of Identities Of Confidential Sources From Investigative Records Exempted Under Subsection (k)(2)
- Application Of The Privacy Act To Information In Hospital Committee Minutes
- Accounting For Mass Disclosures Of Records To Other Agencies
- Disclosure Of Records To State Agencies To Validate Unemployment Compensation Claims Of Former Federal Employees And Military Members
- Disclosure Of Records To Financial Institutions
- Disclosure Of Photographs In The Custody Of The Department Of Defense
- Disclosure Of Records From Systems Of Records To A Contractor Pursuant To A Contract
- Definition Of An "Agency Or Instrumentality Of Any Jurisdiction Within Or Under The Control Of The United States"
- Location Of Privacy Act Advisory Statements
- Privacy Act Advisory Statements For Inspector General Complaint Forms
- Recruitment Advertisements In The Public Media
- Information Requested In The Public Domain
- Implications On Various Methods Of Distributing Leave And Earning Statements
- The Appearance Of The Social Security Number In The Window Of An Envelope Containing Record Information Does Not Constitute A Disclosure
- What Constitutes A Privacy Act Request For Access Or Amendment For Purposes Of Compliance With Processing And Reporting Requirements
- Information Pertaining To Third Parties May Not Be Protected By The Privacy Act
- Disclosure Of Security Clearance Level
- Privacy Act Applicability To Legal Memoranda Maintained In A System Of Records
- The Privacy Act Does Not Apply To Files Indexed By Non-Personal Identifiers And Retrieved By Memory
- Depersonalizing Computer Cards And Printouts Before Disposal
- No Supplemental Charges May Be Assessed For Unlisted Telephone Number Service On Installations Where No Commercial Service Is Available
- The Privacy Act General Exemption Does Not Follow The Record
- The Privacy Act System Notice Requirement Applies To Court-Martial Files
- A Routine Use Is Not Required For Disclosure Of Department Of Defense Records To The National Archives And Records Administration And To The General Services Administration
- Definition Of "Order Of A Court Of Competent Jurisdiction"
- Records May Be Disclosed To Service-Oriented Social Welfare Organizations Pursuant To An Established Routine Use
- Privacy Act Warning Labels
- Disclosure Of Records Concerning Charitable Contributions Or Participation In Savings Bond Programs
- Personal Notes As Records Within A System Of Records
- Requirement For Privacy Act Advisory Statements For Administrative Proceedings
- Access To Medical Records By Individuals Who Could Be Adversely Affected
- No Requirement To Provide Privacy Act Advisory Statements To Labor Organizations
- Information On Forms Attached To Security Containers Or Facilities Is Subject To The Privacy Act
- Verifying The Accuracy Of Personal Data In A Record Is Subject To The Privacy Act
- One Department Of Defense Component May Disclose Health Care Records To Another Without A Routine Use Or Consent
- Disclosure Of The Original, Pre-1968, Serial Number (Service Number) Assigned To Military Personnel
- The Social Security Number On Building And Installation Badges
- Using Both General And Specific Privacy Act Exemptions For The Same System Of Records
- Disclosure Of Information In Blanket Orders