Enclosure (1) to COMDTINST 5260.4A
4.2
For each organization, what information is shared and for what
purpose?
4.3
How is the information transmitted or disclosed?
Privacy Impact Analysis: Given the internal sharing, discuss what privacy risks were identified
and how they were mitigated. For example, if a decision was made to limit internal sharing to certain
components because of privacy or other concerns, include such a discussion.
Section 5.0
External sharing and disclosure
The following questions are intended to define the content, scope, and authority for information
sharing external to DHS which includes Federal, state and local government, and the private sector.
5.1
With which external organizations is the information shared?
5.2
What information is shared and for what purpose?
5.3
How is the information transmitted or disclosed?
5.4
Is a Memorandum of Understanding (MOU), contract, or any
agreement in place with any external organizations with whom
information is shared, and does the agreement reflect the scope of
the information currently shared?
5.5
How is the shared information secured by the recipient?
5.6
What type of training is required for users from agencies outside
DHS prior to receiving access to the information?
Privacy Impact Analysis: Given the external sharing, what privacy risks were identified and
describe how they were mitigated. For example, if a decision was made to limit external sharing, include
such a discussion.
25