Department of Navy Chief Information Officer - News: Compliance Spot Checks Key to Successful Privacy Program

Audit Readiness of IT Systems (0)	DIACAP (12)	Information Sharing (48)	Open Source (3)
Awards (35)	DON Enterprise Architecture (49)	IT Asset Management (20)	Performance Measurement (2)
Business Case Analysis (11)	Enterprise Licensing Agreements (12)	IT Efficiencies (119)	Personal Electronic Device (17)
CIO Authorities (56)	Enterprise Services (35)	IT Expenditure Approval Authority (12)	Printing and Imaging (Copiers/MFDs) (17)
Civil Liberties (21)	Enterprise Software Initiative (32)	IT Governance (48)	Privacy (257)
Clinger-Cohen Act Compliance (25)	FISMA (11)	IT Infrastructure (17)	Public Key Infrastructure (19)
Cloud Computing (21)	Forms/Reports (14)	IT Investment Management (77)	Records Management (38)
Common Access Card (9)	Freedom of Information Act (27)	IT Portfolio Management (1)	Section 508 (10)
Cybersecurity (240)	Functional Area Manager (9)	Knowledge Management (34)	Social Media (31)
Cyberspace/IT Workforce (34)	GIG Standards (20)	Naval Enterprise Networks (38)	Spectrum (56)
DADMS/DITPR-DON (42)	Green IT (10)	Naval Networking Environment (12)	Statutory & Regulatory Compliance (11)
Data at Rest (10)	Identity Management (112)	NGEN (18)	Telecommunications (62)
Data Center Consolidation (37)	IM/IT Strategy (44)	NMCI (27)	Wireless (65)
Data Strategy (12)	Information Assurance (63)

Compliance Spot Checks Key to Successful Privacy Program

By DON CIO Privacy Team - Published, January 1, 2010

ALNAV 070/07 Department of the Navy Personally Identifiable Information (PII) Training Policy states that, "Commanders/Commanding Officers/Officers in Charge will ensure that supervisors conduct a spot check of their assigned area of responsibility, focusing on those areas that deal with PII on a regular basis (e.g., human resources, personnel support, medical, etc.)." The ALNAV also states that the compliance spot check is a semi-annual requirement and should be considered an auditable record maintained by the command Privacy Act Coordinator or other designated official.

Countless lessons learned from commands and activities have demonstrated that employing PII spot checks and aggressive corrective action where weaknesses have been identified are key to a successful privacy program.

Some valuable tips regarding PII spot checks:

PII compliance spot checks are a supervisor responsibility.
The PII Compliance Spot Check Form should be used as a guide and is meant to be tailored to the specific needs of each command or activity.
Accountability of each form must be maintained for a period of three years.
PII compliance spot checks and actions taken to correct weaknesses, when used correctly, reduce the likelihood of future PII breaches.

View the PII Compliance Spot Check Form.

TAGS: Cybersecurity, IDManagement, Privacy

Processing of Electronic Storage Media for Disposal

Reduction of SSN Use Within DoD

PKI Interoperability with FVEY Partner Nations on the NIPRNet

DON Public Affairs Policy and Regulations

DON CIO Information

Online Services & Community

RSS Feeds

DON CIO FOIA

DON CIO Mobile Website

Website Accessibility

External Links Disclaimer

SECNAV DON CIO • 1000 Navy Pentagon
Washington, DC 20350-1000

This is an official U.S. Navy website (DoD Resource Locator 45376) sponsored by the Department of the Navy Chief Information Officer (DON CIO). The purpose of this website is to facilitate effective information flow about information management/information technology and cybersecurity issues and initiatives occuring within the Department of the Navy.

Please read our Privacy Policy notice.
Please read our Section 508/Accessibility Statement.

Trending

Compliance Spot Checks Key to Successful Privacy Program

By DON CIO Privacy Team - Published, January 1, 2010

TAGS: Cybersecurity, IDManagement, Privacy

DON CIO Information

Online Services & Community