Office of the Senior Official for Privacy
For questions, contact your respective
IC Privacy Coordinator (see coordinator contact list
below) or contact:
Office of the Senior Official for Privacy
6011 Executive Blvd, Suite 601, MSC 7669
(301) 451-3426
(301) 402-0169 FAX
email: privacy@mail.nih.gov
-
Privacy Coordinator Group (PCG) Charter (revised July 2008)
- Privacy Management
Committee (PMC) Charter (revised July 2008)
- Monthly
Newsletter The NIH Eye on Privacy
- Protecting
Privacy at NIH (Tri-fold)
- The Privacy Act of 1974,
5 U.S.C. § 552a (as amended)
An online copy of the Privacy Act.
- OMB Instructions
for Complying with the President's Memorandum of May 14, 1998, "Privacy and
Personal Information in Federal Records"
- HHS
General Administration Manual, Part 45, Chapter 10, Privacy Act - Basic Requirements
and Relationships
This chapter sets forth Department policies, practices, and procedures for
administering provisions of the Privacy Act that apply to Department operations.
It describes the general framework of responsibility and organization for
carrying out these policies, practices, and procedures. It also summarizes
the basic requirements of the Privacy Act and indicates where in the Department
Staff Manual System other instructions applicable to the Privacy Act are located.
- HHS
General Administration Manual, Part 45, Chapter 13, Safeguarding Records Contained
in Systems of Records
This chapter describes specific requirements of the Privacy Act and provides
guidance for meeting them.
- HHS Secure One Website
The latest information and tools needed to ensure that NIH information is
secure and compliant with privacy laws. Click on the link for Policies & Guides
to keep up-to-date on privacy and security policies, procedures, and guidance.
- HHS Office for Civil Rights -
Health Insurance Portability & Accountability Act (HIPAA) of 2003
- Medical privacy information and National standards to protect the privacy
of personal health information.
- HHS
Privacy Awareness Training - The Federal Information Security Management Act of 2002 (FISMA) requires all “personnel (employees, contractors, etc.) directly involved in the administration of personal information or information technology systems, or with significant information security responsibilities” to complete this training. The course is also accessible through Secure One HHS Online (HHS Intranet) and the HHS Learning Portal (LMS). To ensure optimal viewing, please run the course utilizing Internet Explorer. Approximate duration: 30 minutes.
- NIH
Privacy Awareness Training - A theory-based, user friendly, custom designed web-based course that includes six modules. The modules provide an Introduction, discuss The Privacy Act, Federal Statutes, Roles and Responsibilities, Privacy Impact Assessments and allows you to Check Your Understanding at the conclusion of the course. It also includes a Glossary, References linked to privacy information, and a printable Resources option. The course is Section 508 compliant and includes audio and closed captioning. The course was designed to provide you with a Certificate of Completion after you have completed all modules. To ensure optimal viewing, please run the course utilizing Internet Explorer. Approximate duration: 30-60 minutes, depending upon your knowledge of the subject matter.
- HIPAA Privacy Rule
- Information for researchers.
- IT Security - The
Center for Information Technology's security homepage.
- IT Rules of Behavior
- NIH Information Technology General Rules of Behavior.
- Freedom of Information
Act (FOIA) - The FOIA homepage provides information on the submission
of FOIA requests, appeals, fees, exemptions, and policies.
- A
Citizen's Guide on Using the FOIA and Privacy Acts - PDF version.
- Frequently Asked
Questions
Questions and answers regarding privacy issues at NIH.
- Privacy Impact
Assessments (PIAs)
- Privacy
Coordinators
A list of IC points of contact for privacy issues.
- Privacy Coordinator
Group (PCG) Meetings
- Privacy Management
Committee (PMC) Meetings
- Privacy
Act Systems of Records Notices (SORNs)
- NIH
Information Technology Privacy Program - NIH Manual 1745
- NIH
Privacy Impact Assessments - NIH Manual 1745-1
- NIH
Web Page Privacy Policy - NIH Manual 2805
- NIH Web Privacy Statement
- A privacy policy statement on the NIH website.
- NIH Privacy
Act Notification Statement - Criteria for a privacy notification statement,
and sample statements to be considered for posting on NIH websites as well
as paper and electronic forms used to collect information.
- DHHS
Information Security Program Handbook - Issued December 2005.
- DHHS
Privacy Act Regulations - Links to specific chapters of the Privacy
Act.
- Additional Privacy Act and Freedom of Information Act Training Links
- A compilation of useful links.
American Society of Access Professionals
(ASAP)
The American Society of Access Professionals is a non-governmental, independent,
educational, not-for-profit association. It was founded in 1980 by concerned
federal government employees and private citizens in the fields of information
access through the Freedom of Information Act (FOIA), the Privacy Act (PA),
and laws and regulations. ASAP is the leading organization providing quality
professional educational programs. ASAP draws upon the highest caliber of
government FOIA and Privacy instructors along with known experts in the public
requester field to teach and discuss common problems in an open-dialogue forum
during annual symposiums and training conferences in the D.C. area.
Department of Justice Office
of Legal Education
The Department of Justice (DoJ) is the lead federal agency for Freedom of
Information Act (FOIA) information and offers excellent FOIA training. The
National Advocacy Center (NAC) is operated by the Department of Justice,
Executive Office for United States Attorneys. Programs for federal government
personnel are provided by the Office of Legal Education (OLE). The courses
include: Introduction to FOIA, FOIA Overview, Advanced FOIA, FOIA Administrative
Forum and FOIA for AAP/PA (attorneys, paralegals and information officers).
International Association
for Privacy Professionals (IAPP)
The IAPP offers individual memberships and its members receive an extensive
array of benefits designed to aid the busy privacy professional; including
a member directory, certification training programs for corporate (CIPP)
and government privacy professionals (CIPP/G), conference discounts, access
to research studies, and member-only content on the website. Its goal is
to keep its members informed of the changing privacy landscape.
USDA Graduate School
Chartered in 1921, the Graduate School, USDA has a rich history of excellence
in professional training and currently conducts more than 900 different
courses at locations throughout the country. Course # PMGT7000D entitled
“Freedom of Information and Privacy Act Workshop” teaches you how to respond
to Freedom of Information Act (FOIA) and Privacy Act (PA) requests. The
course is designed to teach you to become skilled at how to properly release
records to the public while safeguarding necessary information. Course
# LAWS3335C entitled “The Freedom of Information Act and the Privacy Act”
is about the Freedom of Information Act (legislative history, publication
requirements, processing requests, exemptions, fees) and the Privacy Act
(definitions, limitations of disclosure, access to records, publication
requirements, exemptions and new systems reports). The course is designed
to train administrative and legal personnel who work with these acts.
- "Your
Right to Federal Records - Questions and Answers on the Freedom of Information
Act and Privacy Act"
|