“CBP has made limited progress toward instilling a culture of privacy that protects sensitive personally identifiable information. This is in part because it has not established a strong organizational approach to address privacy issues across the component. To strengthen its organizational approach to privacy, CBP needs to establish an Office of Privacy with adequate resources and staffing and hold Assistant Commissioners and Directors accountable for their employees understanding of and compliance with their privacy responsibilities. In addition, CBP needs to improve its compliance with Federal privacy laws and regulations. Specifically, it needs to develop a complete inventory of its personally identifiable information holdings, complete privacy threshold analyses for all systems, and develop accurate system of records notices for its systems. CBP also needs to ensure that privacy impact assessments are conducted for all personally identifiable information systems.”
Sorry, comments are closed for this post.