AT-03(05) Processing Personally Identifiable Information
Provide at-03.05_odp.01 with initial and at-03.05_odp.02 training in the employment and operation of personally identifiable information processing and transparency controls.
Parameter ID | Definition |
---|---|
at-03.05_odp.01 | personnel or roles |
at-03.05_odp.02 | frequency |
Baselines
- L
- M
- H
- P
Guidance
Personally identifiable information processing and transparency controls include the organization’s authority to process personally identifiable information and personally identifiable information processing purposes. Role-based training for federal agencies addresses the types of information that may constitute personally identifiable information and the risks, considerations, and obligations associated with its processing. Such training also considers the authority to process personally identifiable information documented in privacy policies and notices, system of records notices, computer matching agreements and notices, privacy impact assessments, [PRIVACT](#18e71fec-c6fd-475a-925a-5d8495cf8455) statements, contracts, information sharing agreements, memoranda of understanding, and/or other documentation.
Related controls 4
- PT-02 Authority to Process Personally Identifiable Information L M H P
- PT-03 Personally Identifiable Information Processing Purposes L M H P
- PT-05 Privacy Notice L M H P
- PT-06 System of Records Notice L M H P