H. R. 1617
IN THE SENATE OF THE UNITED STATES
March 26, 2009
Received; read twice and referred to the Committee on Homeland Security and Governmental Affairs
To amend the Homeland Security Act of 2002 to provide for a privacy official within each component of the Department of Homeland Security, and for other purposes.
This Act may be cited as the
Department of Homeland Security
Component Privacy Officer Act of 2009.
Establishment of privacy official within each component of Department of Homeland Security
Subtitle C of title II of the Homeland Security Act of 2002 (6 U.S.C. 141 et seq.) is amended by inserting after section 222 the following new section:
The components of the Department referred to in this subparagraph are as follows:
The Transportation Security Administration.
The Bureau of Citizenship and Immigration Services.
Customs and Border Protection.
Immigration and Customs Enforcement.
The Federal Emergency Management Agency.
The Coast Guard.
The Directorate of Science and Technology.
The Office of Intelligence and Analysis.
The Directorate for National Protection and Programs.
Each privacy official designated under subsection (a) shall report directly to both the head of the official’s component and the senior official appointed under section 222, and shall have the following responsibilities with respect to the component:
Serve as such senior official’s main point of contact at the component to implement the polices and directives of such senior official in carrying out section 222.
Advise the head of that component on privacy considerations when any law, regulation, program, policy, procedure, or guideline is proposed, developed, or implemented.
Assure that the use of technologies by the component sustain or enhance privacy protections relating to the use, collection, and disclosure of personal information within the component.
Identify privacy issues related to component programs and apply appropriate privacy policies in accordance with Federal privacy law and Departmental policies developed to ensure that the component protects the privacy of individuals affected by its activities.
Monitor the component’s compliance with all applicable Federal privacy laws and regulations, implement corrective, remedial, and preventive actions and notify the senior official appointed under section 222 of privacy issues or non-compliance, whenever necessary.
Ensure that personal information contained in Privacy Act systems of records is handled in full compliance with section 552a of title 5, United States Code.
Assist in drafting and reviewing privacy impact assessments, privacy threshold assessments, and system of records notices, in conjunction with and under the direction of the senior official appointed under section 222, for any new or substantially changed program or technology that collects, maintains, or disseminates personally identifiable information within the official’s component.
Assist in drafting and reviewing privacy impact assessments, privacy threshold assessments, and system of records notices in conjunction with and under the direction of the senior official appointed under section 222, for proposed rulemakings and regulations within the component.
Conduct supervision of programs, regulations, policies, procedures, or guidelines to ensure the component’s protection of privacy and, as necessary, promulgate guidelines and conduct oversight to ensure the protection of privacy.
Implement and monitor privacy training for component employees and contractors in coordination with the senior official appointed under section 222.
Provide the senior official appointed under section 222 with written materials and information regarding the relevant activities of the component, including privacy violations and abuse, that are needed by the senior official to successfully prepare the reports the senior official submits to Congress and prepares on behalf of the Department.
Any other responsibilities assigned by the Secretary or the senior official appointed under section 222.
Role of component heads
The head of a component identified in subsection (a)(2) shall ensure that the privacy official designated under subsection (a) for that component—
has the information, material, and resources necessary to fulfill the responsibilities of such official under this section;
is advised of proposed policy changes and the development of new programs, rules, regulations, procedures, or guidelines during the planning stage and is included in the decisionmaking process; and
is given access to material and personnel the privacy official deems necessary to carry out the official’s responsibilities.
Nothing in this section shall be considered to abrogate the role and responsibilities of the senior official appointed under section 222.
The table of contents in section 1(b) of such Act is amended by inserting after the item related to section 222 the following new item:
Sec. 222A. Privacy officials.
Passed the House of Representatives March 24, 2009.
Lorraine C. Miller,