PM-20 Dissemination of Privacy Program Information
Maintain a central resource webpage on the organization’s principal public website that serves as a central source of information about the organization’s privacy program and that:
a. Ensures that the public has access to information about organizational privacy activities and can communicate with its senior agency official for privacy;
b. Ensures that organizational privacy practices and reports are publicly available; and
c. Employs publicly facing email addresses and/or phone lines to enable the public to provide feedback and/or direct questions to privacy offices regarding privacy practices.
Baselines
- L
- M
- H
- P
Guidance
For federal agencies, the webpage is located at www.[agency].gov/privacy. Federal agencies include public privacy impact assessments, system of records notices, computer matching notices and agreements, [PRIVACT](#18e71fec-c6fd-475a-925a-5d8495cf8455) exemption and implementation rules, privacy reports, privacy policies, instructions for individuals making an access or amendment request, email addresses for questions/complaints, blogs, and periodic publications.
References 3
- PRIVACT Privacy Act (P.L. 93-579), December 1974.
- OMB A-130 Office of Management and Budget Memorandum Circular A-130, *Managing Information as a Strategic Resource* , July 2016.
- OMB M-17-06 Office of Management and Budget Memorandum M-17-06, *Policies for Federal Agency Public Websites and Digital Services* , November 2016.
Control Enhancements 1
Related controls 6
- AC-03 Access Enforcement L M H P
- PM-19 Privacy Program Leadership Role L M H P
- PT-05 Privacy Notice L M H P
- PT-06 System of Records Notice L M H P
- PT-07 Specific Categories of Personally Identifiable Information L M H P
- RA-08 Privacy Impact Assessments L M H P