U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Home
  2. News
  3. Publications Library
  4. Privacy

Privacy

The DHS Privacy Office is responsible for evaluating the Department programs, systems, and initiatives for potential privacy impacts, and providing strategies to reduce the privacy impact.

  • DHS/FPS/PIA-003 FPS Post Tracking System (PTS)

    The Department of Homeland Security’s (DHS) Federal Protective Service (FPS) is developing the Post Tracking System (PTS). PTS will be used to verify the identity, suitability, training completion, and time and attendance of Protective Security Officers (PSO) who serve as contracted guards at federal facilities. FPS is conducting this Privacy Impact Assessment (PIA) because PTS collects personally identifiable information (PII) of DHS employees and contract personnel.

  • DHS/CBP/PIA-060 e-Allegations Portal

    The Department of Homeland Security (DHS), U.S. Customs and Border Protection (CBP) is responsible for securing the United States and its borders while facilitating lawful travel and trade. The CBP Office of Trade (OT) facilitates lawful international trade activities, enforces violations of various trade laws and regulations, and investigates allegations of trade violations made by the members of the public. CBP created a public-facing website called “e-Allegations” for members of the public and the trade community to report potential violation of criminal and trade laws and regulations.

  • Privacy Compliance Review of FEMAs Information Sharing Practices

    The DHS Privacy Office conducted a Privacy Compliance Review (PCR) of FEMA that focused on information sharing practices and oversight in response to two major privacy incidents that occurred during Fiscal Year 2019.  This PCR details six recommendations to improve FEMA’s implementation of information sharing and safeguarding activities that adequately protect individuals’ privacy.

  • DHS/ALL/PIA-075 Workforce Analytics and Employee Records

    Workforce Analytics and Employee Records is a Federal Human Capital Business Function whereby federal agencies implement a systematic process to review workforce and performance data, metrics, and results. Federal agencies conduct these reviews in an effort to anticipate and plan for future strategic and operational requirements and to make holistically informed Human Capital Management decisions. Specifically, federal human capital organizations generate evidence-based metrics to support decision-making concerning recruitment, staffing, training, and workforce development. The Workforce Analytics and Employee Records Business Function also facilitates compensation and benefits modeling, as well as the application of statistical models on such human resources (HR) issues as retention rates, time to on-board, retirement trends, and employee engagement. The Department of Homeland Security (DHS) is conducting this Privacy Impact Assessment (PIA) because the systems and data sources that support Workforce Analytics and Employee Records at DHS collect, use, store, and transmit personally identifiable information (PII) and sensitive personally identifiable information (SPII).

  • DHS/CBP/PIA-059 E-Commerce “Section 321” Data Pilot

    U.S. Customs and Border Protection (CBP) is conducting a voluntary test to collect certain advance data related to shipments potentially eligible for release under Section 321 of the Tariff Act of 1930, as amended, 19 U.S.C. § 1321 (“Section 321”). Section 321 provides for an administrative exemption from duty and taxes for shipments of merchandise (other than bona-fide gifts and certain personal and household goods) imported by one person on one day having an aggregate fair retail value in the country of shipment of not more than $800. Pursuant to this test, participants will electronically transmit certain data elements pertaining to these shipments to CBP in advance of arrival. CBP is conducting this test to determine the feasibility of requiring advance data from different types of parties and requiring additional data that is generally not required under current regulations in order to effectively identify and target high-risk shipments in the e-commerce1 environment. CBP published a Notice in the Federal Register on July 23, 2019, announcing the pilot.2 CBP is publishing this new Privacy Impact Assessment (PIA) to provide notice of information collection requirements for the Section 321 Data Pilot, and to assess the privacy risks of its collection and use of personally identifiable information under this pilot.

  • DHS/CISA/PIA-033 National Cybersecurity Protection System (NCPS)-Intrusion Detection

    The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Division (CSD) leads the Federal Government effort to protect and defend federal civilian Executive Branch agency networks from cyber threats. These efforts are conducted, in part, through the National Cybersecurity Protection System’s (NCPS) intrusion detection capabilities — formerly referred to as EINSTEIN 1 and EINSTEIN 2. This Privacy Impact Assessment (PIA) provides a programmatic update on the NCPS intrusion detection capabilities and provides an in-depth analysis of the collection of information related to known or suspected cyber threats that could potentially include information that could be considered personally identifiable information (PII). Due to the close operational relationship between the NCPS network flow (netflow) and intrusion detection capabilities, this PIA combines, updates, and replaces the former EINSTEIN PIA (September 2004) and EINSTEIN 2 PIA (May 2008).

  • DHS/USSS/PIA-025 United States Secret Service Special Operations Division Counter-Unmanned Aircraft Systems in support of United Nations General Assembly

    The United States Secret Service’s (USSS or Secret Service) Special Operations Division (SOD) is conducting a pilot, in coordination with the U.S. Coast Guard (USCG) and Science & Technology Directorate (S&T), to test and evaluate technologies used to detect, identify, and mitigate Unmanned Aircraft Systems (UAS) that may pose a potential threat to “covered facilities” and assets at the September 2019 United Nations General Assembly (UNGA). These protective technologies are referred to as Counter-UAS (C-UAS) systems. This Privacy Impact Assessment (PIA) discusses measures taken to mitigate privacy risks and the impact to protect personally identifiable information (PII) during the deployment of C-UAS technologies in an urban setting under operational circumstances.

  • DPIAC Recommendations Report 2018-02 Immigration Statistics Data Dissemination Practices

    On September 15, 2017, the DHS Chief Privacy Officer issued a tasking requesting that the DPIAC provide guidance on how best to disseminate statistical data from the Office of Immigration Statistics (OIS) in order to strengthen the Department’s ability to analyze the immigration enforcement and immigration benefits lifecycles, and provide real-time access to relevant immigration data needed to support operations, analysis, reporting, and strategic decision making. This integrated immigration data system will also support the Department’s ability to disseminate statistics and to permit public access to statistical information that will inform key stakeholders and promote transparency.

  • DHS/S&T/PIA-038 Next Generation First Responder Apex Program

    The Department of Homeland Security (DHS) Science and Technology (S&T) Directorate established the Next Generation First Responder (NGFR) Apex Program (Program), a research, development, testing, evaluation, (RDT&E) and standards program, adapting existing technologies, developing new capabilities, and working with the private sector to enhance capabilities for first responders across the nation. More than 60 individual RDT&E projects “align” to the NGFR Apex Program. Program activities include technology integration demonstrations and/or operational experimentations (OpEx) and the development of knowledge products, such as facts sheets and case studies. DHS S&T is conducting the NGFR Apex Program Privacy Impact Assessment (PIA) because the Program involves the use of personally identifiable information (PII) as well as technologies that raise potential privacy concerns.

  • DHS/CISA/PIA-031 Small Unmanned Aircraft Systems (sUAS)

    The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Infrastructure Security (IS) Division plans to incorporate the use of small unmanned aircraft systems (sUAS) into its program offering exercises to critical infrastructure protection stakeholders to train for, assess, practice, and improve performance in prevention, protection, mitigation, response, and recovery capabilities for natural or man-made attacks. Uses during exercises include capturing photographic and video images of the exercise activities and to use the sUAS as a simulated payload delivery mechanism for certain exercise scenarios. CISA is conducting this Privacy Impact Assessment to address the privacy impacts of the sUAS image-capturing capabilities.