NASA places a high priority on protecting information in identifiable form that is collected, used, maintained, and disseminated by the Agency. In so doing, the Agency's policies for the protection of such information are responsive to numerous statutory requirements and oversight guidance provided by the Office of Management and Budget (OMB) memoranda and circulars.
NASA Privacy Policies and Plans
Did You Know that all IT Security incidents involving the breach of personally identifiable information (PII), whether in electronic or physical form, must be reported to the Security Operations Center (SOC) immediately upon discovery. It doesn’t matter if the breach is suspected or confirmed.
Sample Scenario:
NASA worker loses her laptop. She reports it to the SOC.
A person at the SOC receives it and replies, asking relevant questions. SOC personnel report it, in accordance with government requirements. They will then work with NASA Center personnel to conduct mitigation actions as appropriate.
NASA Officials for Privacy Related Matters
NASA Privacy Program Manager:
Bryan McCall
NASA Office of the Chief Information Officer
NASA Headquarters
Washington, DC 20546-0001
Contact: 202-358-1767
NASA Agency Privacy Act Officer:
Patti F. Stockman
NASA Office of the Chief Information Officer
NASA Headquarters
Washington, DC 20546-0001
Contact: 202-358-4787
Privacy Impact Assessments
Privacy Act System Of Records Notices (SORNs)
NASA PII Review and Reduction Reports