U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Home
  2. News
  3. Publications Library
  4. Privacy

Privacy

The DHS Privacy Office is responsible for evaluating the Department programs, systems, and initiatives for potential privacy impacts, and providing strategies to reduce the privacy impact.

  • DPIAC Charter & Notice of Establishment

    The DHS Data Privacy and Integrity Advisory Committee (DPIAC) provides advice at the request of the Secretary of Homeland Security and the DHS Chief Privacy Officer on programmatic, policy, operational, administrative, and technological issues within DHS that relate to personally identifiable information, as well as data integrity and other privacy-related matters. The DPIAC was established by the Secretary of Homeland Security under the authority of 6 U.S.C. section 451 and operates in accordance with the provisions of the Federal Advisory Committee Act (FACA) (5 U.S.C. App)

  • DHS-FEMA-PIA-038(a) Virginia Systems Repository (VSR): Data Repositories

    The Federal Emergency Management Agency (FEMA)’s Office of Response and Recovery (OR&R) Recovery Directorate, develops, maintains, and supports the Virginia Systems Repository (VSR). VSR is a multifaceted system that develops and deploys applications and services to support the rapidly changing needs of FEMA programs. VSR also has data repository capabilities that systematically ingest and store information from various FEMA source systems for the explicit purpose of replication and use by VSR applications. FEMA conducted this Privacy Impact Assessment (PIA) to document the retrieval, replication, and storage of Personally Identifiable Information (PII) held in VSR data repositories.

  • Identification of Disaster Code Declaration

    Identification of Disaster Code Declaration 

  • DHS/FEMA/PIA – 036 Emergency Notification System

    FEMA’s Office of Response and Recovery (ORR), Response Directorate, Operations Division, FEMA Operations Center, operates and directs the Emergency Notification System (ENS).  ENS provides alerts, notifications, warnings, and other similar operations during all hazards, threats, and emergencies to designated FEMA personnel, DHS employees, detailees, contractors, and employees of other participating federal, state, and local agencies and non-governmental organizations (NGO) in the event of a scheduled exercise or an actual emergency. FEMA conducted this Privacy Impact Assessment (PIA) because ENS collects, uses, maintains, retrieves, and disseminates Personally Identifiable Information (PII) in order to provide this service to DHS.

  • DHS/TSA/PIA-042 TSA OIA Technology Infrastructure Modernization Program

    The Transportation Security Administration (TSA)’s Office of Intelligence and Analysis (OIA) Technology Infrastructure Modernization (TIM) Program is an enterprise architecture designed to align TSA security threat assessment (STA) with credentialing activities for individuals.   These individuals require access to transportation facilities, infrastructure, assets, Sensitive Security Information (SSI), or related security credentials or clearances.  TIM integrates several vetting programs and systems and facilitates STA adjudication, credentialing, and redress processes.  TIM accesses the same Personally Identifiable Information (PII) that is already collected for the underlying STA programs.  TIM performs credentialing activities utilizing the PII that the underlying programs collect for the STAs.  In light of this new information technology framework involving existing PII, TSA is conducted this Privacy Impact Assessment (PIA) pursuant to the privacy provisions of the E-Government Act of 2002.

  • DHS/TSA/PIA-043 Travel Protocol Office Program

    The Transportation Security Administration (TSA) established the Travel Protocol Office (TPO) to support and facilitate the movement of eligible travelers whose presence at a security screening checkpoint may distract other travelers and/or reduce the efficiency of the screening process. TSA plans to collect limited Personally Identifiable Information (PII) on these individuals in order to facilitate airport transit and to conduct security screening operations.  The TPO Program applies to commercial airports within the continental United States and its territories.  Because this program entails collecting information about members of the public in identifiable form, the E-Government Act of 2002 requires that TSA conduct a Privacy Impact Assessment.

  • Customer Scheduling and Services

    U.S. Citizenship and Immigration Services (USCIS) allows customers to schedule appointments with an Immigration Service Officer (ISO) to discuss the specifics of their benefit application and petition through the infopass.uscis.gov website and customer service kiosks.  This Privacy Impact Assessment (PIA) discusses the USCIS systems associated with scheduling and managing appointments and evaluates the privacy risks and mitigation strategies built into the systems.  These systems include InfoPass and the Customer Management Information System (CMIS).  USCIS is updating and reissuing this PIA, originally published on June 6, 2013, because CMIS may collect, use, and maintain not only Alien Number, but also USCIS Electronic Immigration System Numbers and Receipt Numbers. USCIS also removed references to a planned automated process for an individual to check in for his or her appointment at a USCIS field office through bar code scanners that was not implemented, and updated the system’s Authority to Operate.

  • DHS/CBP/PIA–024 Arrival and Departure Information System

    The Department of Homeland Security (DHS), U.S. Customs and Border Protection (CBP) Arrival and Departure Information System (ADIS) consolidates data from a variety of systems to create a unique person-centric record with complete travel history. Originally, CBP created ADIS to identify individuals who had overstayed their class of admission (“visa overstays”); however, due to ADIS’s unique abilities to conduct biographic matching, data-tagging, and filtering, CBP is broadening its use of ADIS for all traveler encounters regardless of citizenship. CBP is republishing this Privacy Impact Assessment (PIA) to provide notice, and assess the privacy risks, of expanding ADIS beyond its original visa overstay mission. As the primary CBP system used to determine person-centric travel history and immigration status, ADIS supports a variety of non-law enforcement use cases that often require U.S. citizen travel history. CBP is reissuing this PIA to document the expanded uses of ADIS and its maintenance of all CBP travel records, including those of U.S. citizens.

  • DHS/OBIM/PIA-001 Automated Biometric Identification System

    The Automated Biometric Identification System (IDENT) is the central DHS-wide system for storage and processing of biometric and associated biographic information for national security; law enforcement; immigration and border management; intelligence; background investigations for national security positions and certain positions of public trust; and associated testing, training, management reporting, planning and analysis, or other administrative uses. This Privacy Impact Assessment (PIA) and the attached appendices provide transparency into how the system uses Personally Identifiable Information (PII) and details the system’s sharing partners and functions.

  • DHS Data Mining Reports

    The Data Mining Report is published annually pursuant to the Federal Agency Data Mining Reporting Act of 2007, which requires DHS to report to Congress on DHS activities that meet the Act’s definition of data mining. The report summarizes DHS programs that conduct pattern-based queries, searches, or analyses of one or more electronic databases to discover or locate a predictive pattern or anomaly indicative of terrorist or criminal activities.