GPO Privacy Program
1. Purpose. The GPO Privacy Program establishes a framework for the protection of personally identifiable information (PII) at the U.S. Government Publishing Office. Appropriate measures are established to protect PII from unauthorized use, access, disclosure, or sharing and to protect related information systems from unauthorized access, modification, disruption, or destruction.
2. Authority. 44 U.S.C. 301. Directive 825.41 “Protection of Personally Identifiable Information (PII)” incorporates by reference all the provisions of GPO Directive 825.33A, Information Technology (IT) Security Program Statement of Policy, and its appendices, dated December 8, 2007, and any amendments thereto. In addition, OMB Memorandum 07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information, dated May 22, 2007, and National Institute of Standards and Technology Publication 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) (Draft), dated January 13, 2009, and any subsequent revisions to those documents.
3. Policy. The U.S. GPO will protect the confidentiality of PII consistent with best practices to insure that it is not subject to unauthorized use, access, disclosure, or sharing. These efforts extend to related information systems so that they also will not be subject to unauthorized access, modification, disruption, or destruction. Individuals may, in the regular course of agency activities, disclose employee names, work telephone numbers, work email addresses, other business-related identifying information, and other PII that is otherwise permitted to be made public by law or regulation. Information Security establishes requirements for the maintenance and security of Personally Identifiable Information (PII) maintained on agency information technology (IT) systems. The Information Security Division provides guidance and resources to help users understand these requirements and how they are implemented in the U.S. Government Publishing Office business units.
Continuity of Operations Programs (COOP)
GPO Privacy Program
Privacy Program Information Line
202.512.2205 Antonio F. David Workman, CIPP/G, CIPP/IT
GPO Privacy Program Manager