H.R. 2454 directs the Secretary of Homeland Security to develop a data framework to integrate existing DHS datasets and systems within various components and offices for access by authorized personnel.
The bill requires the Secretary to issue guidance for DHS employees to access and contribute to the data framework and ensure a duty to share between offices and components.
The bill allows the Secretary to exclude information that may jeopardize the protection of sources, methods, or activities, compromise an investigation, be inconsistent with other federal laws or regulations, or be duplicative in the framework. The Secretary shall also incorporate auditing and security capabilities within the data framework systems.
Finally, the bill requires notification to the respective committees when the data framework is fully operational and requires regular updates on the status of the data framework.
The summary below was written by the Congressional Research Service, which is a nonpartisan division of the Library of Congress, and was published on Dec 20, 2018.
Department of Homeland Security Data Framework Act of 2018
(Sec. 2) This bill directs the Department of Homeland Security (DHS) to: (1) develop a data framework to integrate existing DHS datasets and systems for access by authorized personnel in a manner consistent with relevant legal authorities and privacy, civil rights, and civil liberties protections; (2) ensure that all information of a DHS office or component that falls within the scope of the information sharing environment, and any information or intelligence relevant to priority mission needs and capability requirements of the homeland security enterprise, is included; and (3) ensure that the framework is accessible to DHS employees who have an appropriate security clearance, who are assigned to perform a function that requires access, and who are trained in applicable standards for safeguarding and using such information.
DHS shall: (1) issue guidance for DHS employees authorized to access and contribute to the framework that enforces a duty to share between DHS offices and components for mission needs; and (2) promulgate data standards and instruct DHS components to make available information through the framework in a machine-readable standard format.
DHS may exclude information that may:
jeopardize the protection of sources, methods, or activities; compromise a criminal or national security investigation; be inconsistent with the other federal laws or regulations; or be duplicative or not serve an operational purpose. DHS shall incorporate into such framework systems capabilities for auditing and ensuring the security of information. Such capabilities shall include: (1) mechanisms for identifying insider threats and security risks; and (2) safeguards for privacy, civil rights, and civil liberties.
DHS shall ensure that, by two years after this bill's enactment, the framework has the ability to include appropriate information in existence within DHS to meet its critical mission operations.
DHS shall: (1) submit to Congress regular updates on the status of the data framework until it is fully operational, and (2) annually brief Congress on component use of such framework to support operations that disrupt terrorist activities and incidents in the homeland.