Skip to content

Latest commit

 

History

History
24 lines (20 loc) · 2.58 KB

11.md

File metadata and controls

24 lines (20 loc) · 2.58 KB
Raw
play_number title
11
Manage security and privacy through reusable processes

Our digital services have to protect sensitive information and keep systems secure. This is typically a process of continuous review and improvement which should be built into the development and maintenance of the service. At the start of designing a new service or feature, the team lead should engage the appropriate privacy, security, and legal officer(s) to discuss the type of information collected, how it should be secured, how long it is kept, and how it may be used and shared. The sustained engagement of a privacy specialist helps ensure that personal data is properly managed. In addition, a key process to building a secure service is comprehensively testing and certifying the components in each layer of the technology stack for security vulnerabilities, and then to re-use these same pre-certified components for multiple services.

The following checklist provides a starting point, but teams should work closely with their privacy specialist and security engineer to meet the needs of the specific service.

Checklist

  1. Contact the appropriate privacy or legal officer of the department or agency to determine whether a System of Records Notice (SORN), Privacy Impact Assessment, or other review should be conducted
  2. Determine, in consultation with a records officer, what data is collected and why, how it is used or shared, how it is stored and secured, and how long it is kept
  3. Determine, in consultation with a privacy specialist, whether and how users are notified about how personal information is collected and used, including whether a privacy policy is needed and where it should appear, and how users will be notified in the event of a security breach
  4. Consider whether the user should be able to access, delete, or remove their information from the service
  5. “Pre-certify” the hosting infrastructure used for the project using FedRAMP
  6. Use deployment scripts to ensure configuration of production environment remains consistent and controllable

Key Questions

  • Does the service collect personal information from the user? How is the user notified of this collection?
  • Does it collect more information than necessary? Could the data be used in ways an average user wouldn't expect?
  • How does a user access, correct, delete, or remove personal information?
  • Will any of the personal information stored in the system be shared with other services, people, or partners?
  • How and how often is the service tested for security vulnerabilities?
  • How can someone from the public report a security issue?