The Government Accountability Office advises the Department of Homeland Security to take steps that boost oversight of contractors’ privacy controls and incident mitigation.
DHS has made policies to protect contractors’ personally identifiable information but has not yet fully complied with all of them, GAO said Thursday.
The government watchdog cited as an example that DHS headquarters did not provide a complete set of privacy training to contractors.
These policies supposedly address a set of federal privacy requirements including the oversight of contractor-operated information systems and the maintenance of a comprehensive privacy program.
GAO made a total of seven recommendations, including one that urges the U.S. Coast Guard’s privacy office to establish a time frame for developing a gap assessment process regarding a contractor’s privacy compliance.