Enclosure (1) to COMDTINST 5260.4A
7.4
If no redress is provided, are alternatives are available?
Privacy Impact Analysis: Given the access and other procedural rights provided for in the Privacy
Act of 1974, what procedural rights are provided and, if access, correction and redress rights are not
provided please explain why not.
Section 8.0
Technical Access and Security
The following questions are intended to describe technical safeguards and security measures.
8.1
Which user group(s) will have access to the system? (For example,
program managers, IT specialists, and analysts will have general
access to the system and registered users from the public will
have limited access.)
8.2
Will contractors to DHS have access to the system? If so, please
submit a copy of the contract describing their role to the Privacy
Office with this PIA.
8.3
Does the system use "roles" to assign privileges to users of the
system?
8.4
What procedures are in place to determine which users may
access the system and are they documented?
8.5
How are the actual assignments of roles and rules verified
according to established security and auditing procedures?
8.6
What auditing measures and technical safeguards are in place to
prevent misuse of data?
8.7
Describe what privacy training is provided to users either generally
or specifically relevant to the functionality of the program or
system?
8.8
Is the data secured in accordance with FISMA requirements? If
yes, when was Certification & Accreditation last completed?
27