Privacy Program

Privacy Program – The NIH Privacy Program is responsible for mitigating and managing privacy breaches within NIH, and coordinates with IC Privacy Coordinators across NIH to prevent and manage situations where persons other than authorized users have access, or potential access, to personally identifiable information (PII).

​​​
​​​​​​​

Privacy Program

The NIH Office of the Senior Official for Privacy (OSOP) is located within the Office of Management Assessment, Division of Management Support (DMS).  ​The OSOP collaborates with the Office of the Chief Information Officer (OCIO) and Office of General​ Counsel (OGC) as well as other key stakeholders (i.e., ISSOs, System Owners/Managers, Record Liaisons, Risk Management Officers, OMB Project Clearance Liaisons, Web Managers, Communication Directors, Training Coordinators).  Institute and Center (IC) Privacy Coordinators serve as the liaison between staff and the OSOP on general privacy issues which affect the IC.  

The Senior Official for Privacy:

  • Responds to requests for records submitted under the Privacy Act
  • Coordinates privacy-related activities
  • Develops privacy policy and procedures
  • Develops privacy awareness training
  • Communicates evolving Federal privacy requirements to staff
  • Reports on privacy compliance
  • Oversees privacy incident response efforts and activities

 

IC Privacy Coordinators:

  • Maintain an awareness of privacy laws and regulations
  • Advise IC staff on privacy issues
  • Foster the adoption of privacy policy and procedures
  • Distribute privacy news blasts
  • Ensure websites maintain current privacy policies
  • Respond to requests for records under the Privacy Act
  • Resolve privacy incidents/breaches
  • Respond to quarterly and annual FISMA data calls
  • Ensure completion of privacy awareness training
  • Review Privacy Impact Assessments (PIAs) on IT systems and TPWAs
  • Participate in the publication of System of Records Notices (SORNs)
  • Attend the Privacy Coordinator group meetings.

 

Contact the NIH Privacy Program: 

NIH Senior Official for Privacy: Celeste Dade-Vinson
National Institutes of Health
OD/OM/OMA/DMS
6011 Executive Blvd, Suite 601 ​
Rockville, Maryland 20892-7669
Phone: (301) 496-4606 or (301) 402-6201
Fax: (301) 402-0169
Email:
privacy@mail.nih.gov 
 
Privacy Yammer Groups (Privacy Matters and Privacy Professionals)


Yammer

To sign up for Yammer, contact Sandra Scarbrough, OD/OM/OSPA at scarbrough@od.nih.gov.  After the account is created, visit https://www.yammer.com and log on with your @nih.gov email address to locate the NIH.gov network.  Create your profile. read the Acceptable Use Policy, join the Privacy Matters public group and download the Yammer 101 document to learn the tips on how to Yammer at NIH.



Visit the NIH ListServ website (https://list.nih.gov) to subscribe to the following lists:
  • PRIVACY-L (for IC Privacy Coordinators)
  • NSAT-L (for NIH staff who conduct Privacy Impact Assessments and Security Accreditation & Authorization Packages)
 

Privacy Program

Privacy Program Laws, Policies, and Memoranda
Privacy Act​
Privacy Impact Assessments (PIAs)
Privacy Incidents and Breach Response
Social Media and Web Management
Training Resources
Privacy Program FAQs
Privacy Program Glossary
Privacy Program Laws & References
IC Privacy Coordinators​​
​​

Contacting DMS

Division of Management Support

Director, Ekaterini 'Katy' Perry

National Institutes of Health,

Office of Management Assessment

6011 Executive Blvd., Suite 601, MSC 7669

Rockville, MD 20852

Phone: (301) 496-2832 or (301) 496-4606

Fax: (301) 402-0169

Want to know more about allegations?

DPI has the authority to conduct reviews using certain rules and acts.

Learn More About Allegations
​​​​​​​​​​​​
​​