Department of Navy Chief Information Officer - Resources: Fair Information Practices

Audit Readiness of IT Systems (0)	DIACAP (12)	Information Sharing (48)	Open Source (3)
Awards (35)	DON Enterprise Architecture (49)	IT Asset Management (20)	Performance Measurement (2)
Business Case Analysis (11)	Enterprise Licensing Agreements (12)	IT Efficiencies (119)	Personal Electronic Device (17)
CIO Authorities (56)	Enterprise Services (35)	IT Expenditure Approval Authority (12)	Printing and Imaging (Copiers/MFDs) (17)
Civil Liberties (21)	Enterprise Software Initiative (32)	IT Governance (48)	Privacy (257)
Clinger-Cohen Act Compliance (25)	FISMA (11)	IT Infrastructure (17)	Public Key Infrastructure (19)
Cloud Computing (21)	Forms/Reports (14)	IT Investment Management (77)	Records Management (38)
Common Access Card (9)	Freedom of Information Act (27)	IT Portfolio Management (1)	Section 508 (10)
Cybersecurity (240)	Functional Area Manager (9)	Knowledge Management (34)	Social Media (31)
Cyberspace/IT Workforce (34)	GIG Standards (20)	Naval Enterprise Networks (38)	Spectrum (56)
DADMS/DITPR-DON (42)	Green IT (10)	Naval Networking Environment (12)	Statutory & Regulatory Compliance (11)
Data at Rest (10)	Identity Management (112)	NGEN (18)	Telecommunications (62)
Data Center Consolidation (37)	IM/IT Strategy (44)	NMCI (27)	Wireless (65)
Data Strategy (12)	Information Assurance (63)

Fair Information Practices

By DON CIO Privacy Team - Published, October 15, 2010

The Privacy Act of 1974 is largely based on a set of internationally recognized principles for protecting the privacy and security of personal information known as the Fair Information Practices. A U.S. government advisory committee first proposed the practices in 1973 to address what it termed a poor level of protection afforded to privacy under contemporary law. The Organization for Economic Cooperation and Development (OECD) developed a revised version of the Fair Information Practices in 1980 that has, with some variation, formed the basis of privacy laws and related policies of many countries, including the United States, Australia, New Zealand and the European Union.

These practices are now widely accepted as a standard benchmark for evaluating the adequacy of privacy protections. The eight principles of the Fair Information Practices are listed below.

Collection Limitation: The collection of personal information should be limited, should be obtained by lawful and fair means, and, where appropriate, with the knowledge or consent of the individual.
Data Quality: Personal information should be relevant to the purpose for which it is collected, and should be accurate, complete and current as needed for that purpose.
Purpose Specification: The purposes for the collection of personal information should be disclosed before collection and upon any change to that purpose, and its use should be limited to those purposes and compatible purposes.
Use Limitation: Personal information should not be disclosed or otherwise used for other than a specified purpose without consent of the individual or legal authority.
Security Safeguards: Personal information should be protected with reasonable security safeguards against risks such as loss or unauthorized access, destruction, use, modification or disclosure.
Openness: The public should be informed about privacy policies and practices, and individuals should have ready means of learning about the use of personal information.
Individual Participation: Individuals should have the following rights: to know about the collection of personal information, to access that information, to request correction, and to challenge the denial of those rights.
Accountability: Individuals controlling the collection or use of personal information should be accountable for taking steps to ensure the implementation of these principles.

The Fair Information Practices are not precise legal requirements. Rather, they provide a framework of principles for balancing the need for privacy with other public policy interests, such as national security, law enforcement and administrative efficiency. Ways to strike that balance vary among countries and according to the type of information under consideration.

TAGS: IA, IDManagement, KM, Privacy

Reduction of SSN Use Within DoD

DITPR-DON Process Guidance v1.0

Department of the Navy Social Security Number Reduction Plan for Forms Phase One

DoD and DON Privacy Impact Assessment Guidance

DON CIO Information

Online Services & Community

RSS Feeds

DON CIO FOIA

DON CIO Mobile Website

Website Accessibility

External Links Disclaimer

SECNAV DON CIO • 1000 Navy Pentagon
Washington, DC 20350-1000

This is an official U.S. Navy website (DoD Resource Locator 45376) sponsored by the Department of the Navy Chief Information Officer (DON CIO). The purpose of this website is to facilitate effective information flow about information management/information technology and cybersecurity issues and initiatives occuring within the Department of the Navy.

Please read our Privacy Policy notice.
Please read our Section 508/Accessibility Statement.

Trending

Fair Information Practices

By DON CIO Privacy Team - Published, October 15, 2010

TAGS: IA, IDManagement, KM, Privacy

DON CIO Information

Online Services & Community