White House Issues Data Breach Guidance for Federal Agencies

The White House Office of Management and Budget has released guidance establishing common standards and practices for how federal agencies manage data breaches. The Data Breach Memorandum sets out a risk-based framework for evaluating data breaches and requires each agency to develop a data breach response plan. Not all breaches will trigger individual notification under the guidance. The new guidance comes four months after a House Government and Oversight Committee report criticized the Office of Personnel Management about the 2015 data breaches that compromised the records of 22 million federal employees and family members. EPIC testified in 2009 and 2011 in support of strong data breach notification laws, filed comments with the Office of Personal Management recommending limits on data collection, and has urged the Supreme Court to recognize a right of "information privacy" that would limit the ability of the federal government to collect personal information.


« Senate Armed Services Committee to Examine Foreign Cyber Threats | Main | Supreme Court Declines to Review Video Privacy Violations by Google, Viacom »

Share this page:

Support EPIC

EPIC relies on support from individual donors to pursue our work.

Defend Privacy. Support EPIC.

#Privacy

EPIC Bookstore

Communications Law and Policy

Communications Law and Policy
Jerry Kang and Alan Butler