Privacy Impact Assessment Future Directions TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office.

Privacy in the News

Purpose

The purpose of this presentation is to provide information on the new efforts to improve the Privacy Impact Assessment (PIA) process, to include a synopsis of the new DoD PIA guidance and form.

Objectives

Upon completion of this presentation, you should be able to:
- Identify the key points outlined in the new PIA guidance
- Recognize the new features of the PIA template
- Describe the new efforts established to improve the PIA process

Privacy and the Protection of PII

- DoD takes its responsibility seriously to safeguard personally identifiable information (PII) in its possession and to prevent its theft, loss, or compromise
- DoD is addressing privacy and security challenges through many initiatives including Privacy Impact Assessments (PIAs), Data-at-Rest (DAR), and ensuring that DoD employees are aware of their privacy responsibilities

PIA Requirements

- Federal Agency PIA Requirements
  - Section 208 of the E-Government Act of 2002 requires all agencies to conduct PIAs for all new or substantially changed information systems that collect, maintain, or disseminate PII on the public
- New DoD PIA Requirements
  - DoD Instruction expands the coverage to include Federal personnel, contractors, and foreign nationals employed at U.S. military facilities internationally

Highlights of DoDI PIA Guidance

- Formalizes E-Gov Act PIA requirement in DoD for greater visibility and clarity
- Enhances responsibilities and accountability
- DoD Program Manager (PM) or designee starts the assessment
- Requires coordination with PM, Information Assurance, and Component Privacy
- Expands signature requirements

Highlights of DoDI PIA Guidance (continued)

- Better coordination with other processes
  - Privacy Act SORNs
  - Information Collection
  - Certification and Accreditation
  - Budget
- Establishes review cycle
- Structures privacy risk identification and assessment with new DoD PIA Form (DD 2930)

Highlights of the New PIA Template

- DD Form 2930
- More comprehensive tool
- Detailed risk analysis questions
- In-depth PII table for selection
- Technical, physical, and administrative control list provided
- Interactive forms with check boxes, radio buttons, and tables
- Digital signatures for the PDF form
- MS Word version also available

New PIA Template (slides 10-24; the slide images are not reproduced in this transcript)

FY 09 and FY 10 New Efforts

- DoD IT Portfolio Repository (DITPR) data review and analysis of privacy reporting elements
- PIA required elements
- Relationship to SSN and PII data elements
- Analysis of Component PIA information reported
- Privacy Threshold Analysis Tool
- Develop PIA spot audit process
- PIA Data

PIA Data Quality Analysis Actions

- Phase one actions
  - Identify PIA DITPR element changes
  - Modify PIA reporting structures
- Phase 2 actions focus on analyzing Component data
  - Privacy reporting discrepancies
  - Records in non-compliance
  - Records needing adequate explanations
  - Records requiring PIA based on corresponding PII and SSN answers

Privacy Threshold Analysis

- Develop a PTA tool that would be the initial determination point for whether privacy documents (SORN and/or PIA) need to be completed
- Incorporate questions related to:
  - PIA
  - SORN
  - SSN collection
- Serve as documentation for each new system
- Target FY 10 completion and implementation

Privacy Spot Audit Process

- Process for privacy personnel to conduct self-assessments focusing on:
  - Completeness of PIAs
  - Measuring general understanding of PIA process in compliance with DoDI
- Target FY 10 completion and implementation

Moving Forward in DoD PIA Process

- Increase awareness of PII and the need for adequate protection
- Increase policy compliancy
- Better reporting to OMB
- Identification of areas for enhanced communication and collaboration to enhance privacy throughout DoD

Summary

You should now be able to:
- Identify the key points outlined in the new PIA guidance
- Recognize the new features of the PIA template
- Describe the new efforts established to improve the PIA process