Enclosure (1) to COMDTINST 5260.4A
8.8
Is the data secured in accordance with FISMA requirements? If yes, when was
Certification & Accreditation last completed?
Privacy Impact Analysis: Given access and security controls, what privacy risks were identified
and describe how you mitigated them. For example, if a decision was made to tighten access
controls by restricting access to specific users, include such a discussion.
Section 9.0 Technology
The following questions are directed at critically analyzing the selection process for any
technologies utilized by the system, including system hardware, RFID, biometrics and other
technology.
9.1
Were competing technologies evaluated to assess and compare their ability to
effectively achieve system goals?
9.2
Describe how data integrity, privacy, and security were analyzed as part of the
decisions made for your system.
9.3
What design choices were made to enhance privacy?
Conclusion
The concluding section should inform the reader, in a summary fashion, how you constructed
your system, program, rule, or technology based on privacy risks and mitigation strategies.
Approval and Signature Page
Provide a contact name and number for the privacy officer or program manager of the program
covered by this PIA, as well as a place for the Chief Privacy Officer to sign the final PIA when it
is completed and approved.
Questions? Contact Us.
Privacy Office
U.S. Department of Homeland Security
Arlington, VA 22202
Email: pia@dhs.gov
Phone: 571-227-3813
Web Site Link: www.dhs.gov/privacy
18