PPC_CIPM_300x250.FINAL-01
Certification_CIPT_300x250final-01

By Shannon Ballard

The week of November 24-28, the U.S. Department of Homeland Security (DHS) Privacy Office completed its first overseas study visit to the United Kingdom. Compliance Director Rebecca Richards and Associate Director of International Privacy Policy Lauren Saadat spent several days at the UK Information Commissioner's Office (ICO), learning how the ICO implements the UK Data Protection Act. Richards and Saadat also had meetings with the Cabinet Office, the Ministry of Justice Information Directorate, and the UK Border Agency to determine the roles of other UK government bodies in privacy oversight.

Most notable to DHS staff was the work of the Cabinet Office and its authority over data protection in the public sector. Reacting to a series of high-level public sector breaches, in June 2008 the Cabinet Office issued a Data Handling Report that sets forth requirements for mandatory accountability within central government agencies. Central government agencies must compile systems inventories and conduct Privacy Impact Assessments for projects requiring new procurements. The report also makes training mandatory for those with access to protected personal information or involved in its management.

The exchange was extremely useful for understanding data protection oversight for the public sector in the UK, and especially in the law enforcement and national security area. This was the third in an ongoing series of international exchanges—previously, the DHS Privacy Office hosted experts from the Spanish Data Protection Authority and the Office of the Canadian Privacy Commissioner. More will follow in 2009.

Shannon Ballard is an associate director of international privacy policy at the U.S. Department of Homeland Security. She can be reached at shannon.ballard@dhs.gov.

0 Comments

If you want to comment on this post, you need to login

Related