The Privacy Office assesses the privacy risk of DHS information technology (IT) systems, technologies, rulemakings, programs, pilot projects, information collections, or forms (collectively referred to as "systems and programs"), and develops mitigation strategies by reviewing and approving all DHS privacy compliance documentation.
The privacy compliance process is an ongoing cycle with four key parts to ensure appropriate oversight: Privacy Threshold Analysis (PTA), Privacy Impact Assessment (PIA), System of Records Notice (SORN), and periodic review. Each part has a distinct function in implementing privacy policy at DHS, and together they enhance the oversight of and transparency into Department activities and demonstrate accountability to the public.
