Best Practices: Elements of a Federal Privacy Program†
- CIO Council
This document serves as a best practices guide to help federal organizations implement and sustain privacy awareness and stewardship. This document can be integrated into any government organizational level – department, component, office, or program – responsible or accountable for privacy. The seven elements described in this document provide the basis for a robust federal privacy program. A strong and multi-faceted privacy program will help ensure that organizations consider privacy protections and controls when first making business decisions involving the collection, use, sharing, retention, disclosure, and destruction of personally identifiable information (PII), whether in paper or electronic form. These seven elements can also influence business decisions involving the use of new technologies or other interactions with the public, contractors, or employees that may not involve the collection and use of PII but may nonetheless raise privacy risks or concerns (e.g., the use of surveillance cameras, global positioning systems, or body imaging screening devices).